Prestige 652 ADSL Security Router

25.3.1 My IP Address

My IP Addr is the WAN IP address of the Prestige. If this field is configured as 0.0.0.0, then the Prestige will use the current Prestige WAN IP address (static or dynamic) to set up the VPN tunnel. If the My IP Addr changes after setup, then the VPN tunnel will have to be rebuilt.

25.3.2 Secure Gateway Address

Secure Gateway Addr is the WAN IP address or domain name of the remote IPSec router (secure gateway).

If the remote secure gateway has a static public IP address, enter it in the Secure Gateway Addr field.

You may alternatively enter the remote secure gateway’s domain name in the Secure Gateway Addr field. This also works when the remote secure gateway uses DDNS. This way your Prestige can find the remote secure gateway, even if it has a dynamic WAN IP address.

If the remote secure gateway has a dynamic WAN IP address and does not use DDNS, enter 0.0.0.0 in the Secure Gateway Addr field. In this case only the remote secure gateway can initiate SAs. This may be useful for telecommuters initiating a VPN tunnel to the company network. See the following table for an example configuration.

You can configure multiple SAs to simultaneously connect through the same secure gateway. In this case, you must configure the SAs to have the same Negotiation Mode and Pre-Shared Key (Menu 27.1.1.1 IKE Setup).

Table 25-2 Telecommuter and Headquarters Configuration Example

 

TELECOMMUTER

HEADQUARTERS

My IP

0.0.0.0 (dynamic IP address

Public static IP address

address:

assigned by the ISP)

 

Secure

Public static IP address or

0.0.0.0

Gateway IP

domain name

With this IP address only the

Address:

 

 

telecommuter can initiate the IPSec

 

 

 

 

tunnel.

 

 

 

25-4

VPN/IPSec Setup