Multi-Tech Systems, Inc.
RF550/560VPN Reference Guide – RF550/560VPN Using a NAT Box with IPSec Pass-Through 3
Example 1
This example provides a sample RouteFinder configuration and related address scheme for an
application employing Client-to-LAN IPSec Pass-Through communication. This is an example on how to
configure an RF550VPN/RF560VPN at Site A and an SSH Sentinel client behind a NAT box at Site B, so
that Site A and B can communicate through a secure connection over the Internet using IPSec Pass-
Through. This example shows Site B using a static or dynamic IP address.
The diagram shows a RouteFinder 550VPN, but it can also be a RouteFinder 560VPN.
SSH IPSec Client behind a NAT doing IPSec pass through to a RouteFinder 550/560VPN
1. Domain name = Site-A.com
2. Public Class C = 204.26.122.x
3. SETUP WIZARD > DEVICE IP SETTINGS
IP Address: 192.168.2.1
IP Subnet Mask: 255.255.255.0
4. SETUP WIZARD > ISP SETTINGS
Select ‘Static IP Settings’
IP assigned by your ISP: 204.26.122.103
IP Subnet Mask: 255.255.255.0
ISP Gateway Address: 204.26.122.3
5. SETUP WIZARD > VPN SETTINGS
Connection Name = IPSec Pass-Through
Enable ‘Enable UID” (Unique Identifier String)
Local IPSEC Identifier = 204.26.122.103
Remote IPSEC Identifier = 192.168.10.0
Disable (do not check) ‘Enabled Keep Alive’
Disable (do not check) ‘Enabled NetBIOS
Broadcast’
Remote Site = LAN
Remote IP Network = 10.10.10.2
Remote IP Netmask = 255.255.255.0
Remote Gateway IP/FQDN = 204.26.122.3 (static)
Remote Gateway IP/FQDN = 0.0.0.0 (dynamic)
Network Interface = WAN ETHERNET
Secure Association = check IKE
Perfect Forward Secure = check enabled
Encryption Protocol = select 3DES
Preshared Key = (must match key code at Site B)
Key Life = set to default
IKE Life Time = set to default
Note: Make sure that all routers between both SSH IPSec ends can route IP protocol 50 (IPSec).
Sometimes routers are configured to route only TCP (protocol 6), UDP (protocol 17) and ICMP
(Protocol 1) and drop all other protocols. VPN routers configured that way won’t work with IPSec!
(27 stránky)
(2 stránky)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce