Prestige 334W User’s Guide

 

 

Table 16-7 VPN: Rule Setup (Basic)

 

 

 

 

 

LABEL

DESCRIPTION

 

 

 

 

 

 

DNS Server (for

If there is a private DNS server that services the VPN, type its IP address here. The

 

 

IPSec VPN)

Prestige assigns this additional DNS server to the Prestige’s DHCP clients that

 

 

 

have IP addresses in this IPSec rule's range of local addresses. A DNS server

 

 

 

allows clients on the VPN to find other computers and servers on the VPN by their

 

 

 

(private) domain names.

 

 

My IP Address

Enter the WAN IP address of your Prestige. The Prestige uses its current WAN IP

 

 

 

address (static or dynamic) in setting up the VPN tunnel if you leave this field as

 

 

 

0.0.0.0.

 

 

 

The VPN tunnel has to be rebuilt if this IP address changes.

 

 

 

 

 

 

Local ID Type

Select IP to identify this Prestige by its IP address.

 

 

 

Select DNS to identify this Prestige by a domain name.

 

 

 

Select E-mailto identify this Prestige by an e-mail address.

 

 

Local Content

When you select IP in the Local ID Type field, type the IP address of your computer

 

 

 

in the local Content field. The Prestige automatically uses the IP address in the My

 

 

 

IP Address field (refer to the My IP Address field description) if you configure the

 

 

 

local Content field to 0.0.0.0 or leave it blank.

 

 

 

It is recommended that you type an IP address other than 0.0.0.0 in the local

 

 

 

Content field or use the DNS or E-mailID type in the following situations.

 

 

 

When there is a NAT router between the two IPSec routers.

 

 

 

When you want the remote IPSec router to be able to distinguish between

 

 

 

VPN connection requests that come in from IPSec routers with dynamic

 

 

 

WAN IP addresses.

 

 

 

When you select DNS or E-mailin the Local ID Type field, type a domain name or

 

 

 

e-mail address by which to identify this Prestige in the local Content field. Use up to

 

 

 

31 ASCII characters including spaces, although trailing spaces are truncated. The

 

 

 

domain name or e-mail address is for identification purposes only and can be any

 

 

 

string.

 

 

 

 

 

 

Secure Gateway

Type the WAN IP address or the URL (up to 31 characters) of the IPSec router with

 

 

Address

which you're making the VPN connection. Set this field to 0.0.0.0 if the remote

 

 

 

IPSec router has a dynamic WAN IP address (the IPSec Keying Mode field must

 

 

 

be set to IKE). The remote address fields do not apply when the Secure Gateway

 

 

 

Address field is configured to 0.0.0.0. In this case only the remote IPSec router can

 

 

 

initiate the VPN.

 

 

Peer ID Type

Select IP to identify the remote IPSec router by its IP address.

 

 

 

Select DNS to identify the remote IPSec router by a domain name.

 

 

 

Select E-mailto identify the remote IPSec router by an e-mail address.

 

VPN Screens

16-13