Managing Private Subnets - Siemens RX1500 User Manual
Ruggedcom rox ii series
Hide thumbs
Also See for RX1500:
- Installation manual (60 pages) ,
- User manual (664 pages) ,
- Reference manual (148 pages)
Table of Contents
Advertisement
Chapter 5
Setup and Configuration
Parameter
Certificate
5.
In the System Identifier form, configure the following parameters:
Parameter
type
Hostname, IP Address or Distinguished
Name in Certificate
6.
In the Nexthop to Other System form, configure the following parameters:
Parameter
Type
IP Address
7.
In the Left/Right form, configure the following parameters:
Parameter
NAT Traversal Negotiation Method
8.
If required, configure a subnet for the connection end. For more information, refer to
"Configuring Private Subnets for Connection
9.
Click Commit to save the changes or click Revert All to abort. A confirmation dialog box appears. Click OK
to proceed.
10. Click Exit Transaction or continue making changes.
Section 5.28.10
Managing Private Subnets
If the device is connected to an internal, private subnet, access to the subnet can be granted to the device at the
other end of the IPsec tunnel. Only the IP address and mask of the private subnet is required.
The following sections describe how to configure and manage addresses for private subnets:
634
Description
The selected certificate.
Description
Synopsis: default, none, from-certificate, address, hostname, der-asn1-dn, user-fqdn
Default: default
The system identifier type. The default value is 'left side public-ip' unless overwritten by
the default connection setting.
The hostname, IP address or the Distinguished Name in the certificate.
Description
Synopsis: default, default-route, address
Default: default
The next hop type. The default value is 'right side public-ip' unless overwritten by the
default connection setting.
The IP address of the next hop that can be used to reach the destination network.
Description
Synopsis: default, draft-ietf-ipsec-nat-t-ike-02, rfc-3947
Default: default
The NAT traversal negotiation method. Some IPsec endpoints prefer RFC 3947 over
draft-ietf-ipsec-nat-t-ike-02 when connecting with Openswan, as these implementations
use different identifiers when NAT is involved. For example, when a Windows
XP/2003 client connects, Openswan reports the main mode peer ID is ID_FQDN:
'@example.com', but when a Vista, Windows 7 or other RFC 3947 compliant client
connects, Openswan reports the main mode peer ID is ID_IPV4_ADDR: '192.168.1.1'.
This will cause issues connecting to the IPsec server. In such cases, setting this option
to draft-ietf-ipsec-nat-t-ike-02 will solve this problem. The default value is 'rfc-3947'
unless overwritten by the default connection setting.
Ends".
RUGGEDCOM ROX II
User Guide
Section 5.28.10.1,
Managing Private Subnets
- Quick Links:
- Connecting Directly
Hide quick links:
Advertisement
Table of Contents
