THOMSON SpeedTouch 608WL Configuration Manual page 57

Wireless business dsl router ipsec configuration guide

Hide thumbs Also See for SpeedTouch 608WL:

User manual (208 pages)

User manual (212 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

Table of Contents

Primary Untrusted

Physical Interface

Virtual IP mapping

Optional Remote

network

E-DOC-CTC-20051017-0169 v0.1

This field shows a list of your SpeedTouch™ interfaces. You select the preferred

Primary Untrusted Physical Interface. This interface is used as the primary carrier

for your VPN connection. In general, the primary untrusted interface is your DSL

connection to the public Internet.

In the SpeedTouch™ the routing engine determines which interface is used for the

VPN connection (your DSL connection to the Internet in most cases). So, what is the

relevance to select a physical interface?

In a VPN client the selection is relevant only when your SpeedTouch™ is equipped

with a backup physical interface, for example an ISDN backup interface. This field

determines the

preferred

interface for your VPN connection. This interface is used

whenever it is available. When this interface fails, the active VPN connections are

re-routed via the backup interface. When the primary interface becomes available

again, the VPN connections are re-routed to the primary interface. On the other

hand, when you select any as the Primary Untrusted Physical Interface and this

interface fails, the active VPN connections are also re-routed to the backup interface.

But when the DSL connection becomes available again, the VPN connections are

not re-routed as long as the backup connection is available.

Either dhcp or nat can be selected.

Selecting dhcp as virtual IP address mapping has the effect that the virtual IP

address attributed by the VPN server to the SpeedTouch™ VPN client is

effectively assigned to the terminal. The SpeedTouch™ creates a new IP

address pool, called a spoofing address pool. The SpeedTouch™will use this

pool to provide a new IP address to the terminal that starts the secure

connection. Simultaneous access to the VPN of multiple terminals in the LAN

is not possible. The VPN server attributes a single virtual IP address.

The

spoofing address pool

from the

originally used address pool.

of IP addresses, it is recommended to set a conveniently low lease

time in the original dhcp address pool. A value of 60 seconds is

suggested.

Selecting nat as virtual IP address mapping has the effect that the VPN server

attributes a virtual IP address to the SpeedTouch™ VPN client. This virtual IP

address is stored in the SpeedTouch™. The SpeedTouch™ will automatically

create a new NAT entry to map the virtual IP address to the IP addresses used

on the local network. Simultaneous access to the VPN of multiple terminals is

supported.

These settings allow you to limit the accessible area on the remote network.

Normally the VPN server sets this parameter during the tunnel negotiations.

Configuration via Local Pages

inherits the lease time for IP addresses

In order to have a swift renewal

Chapter 3

Table of Contents

This manual is also suitable for:

Speedtouch 620

THOMSON SpeedTouch 608WL Configuration Manual page 57

Related Manuals for THOMSON SpeedTouch 608WL

Related Products for THOMSON SpeedTouch 608WL

This manual is also suitable for:

Table of Contents