Vpn Configuration - Planet ADSL 2/2+ VPN Firewall Router ADW-4302A v2 User Manual

Planet technology adsl 2/2+ vpn firewall router user's manual

ADW-4302v2 User Guide
Because the IKE and IPSec connections are separate, they have different SAs (security associations).
Policies
VPN configuration settings are stored in Policies.
Note that different vendors use different terms. Generally, the terms "VPN Policy",
"IPSec Policy", and "IPSec Proposal" have the same meaning. However, some vendors
separate IKE Policies (Phase 1 parameters) from IPSec Policies (Phase 2 parameters).
For the ADW-4302v2, each VPN policy contains both Phase 1 and Phase 2 parameters
(if IKE is used). Each policy defines:
The address of the remote VPN endpoint.
The traffic which is allowed to use the VPN connection.
The parameters (settings) for the IPSec SA (Security Association).
If IKE is used, the parameters (settings) for the IKE SA (Security Association).
Generally, you will need at least one (1) VPN Policy for each remote site for which you
wish to establish VPN connections.
It is possible, and sometimes necessary, to have multiple Policies for the same remote
site. However, you should only Enable one (1) policy at a time.

VPN Configuration

The general rule is that each endpoint must have matching Policies, as follows:

VPN Endpoint address: Each VPN endpoint must be configured to initiate or accept connections to the remote VPN client or Gateway. Usually, this requires having a fixed Internet IP address. However, it is possible for a VPN Gateway to accept incoming connections from a remote client where the client's IP address is not known in advance.

Local & Remote LAN definition: This determines which outgoing traffic will cause a VPN connection to be established, and which incoming traffic will be accepted. Each endpoint must be configured to pass and accept the desired traffic from the remote endpoint. If connecting 2 LANs, this requires that:
Each endpoint must be aware of the IP addresses used on the other endpoint.
The 2 LANs MUST use different IP address ranges.

IKE parameters: If using IKE (recommended), the IKE parameters must match (except for the SA lifetime, which can be different).

IPSec parameters: The IPSec parameters at each endpoint must match.
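
The matching rules above can be checked mechanically before two policies are enabled. The following Python check is an added example, not part of the Planet manual or the router's firmware; the field names, addresses and algorithm values are constructed for illustration, a remote endpoint of None stands for a gateway that accepts a client whose address is not known in advance, and "different IP address ranges" is treated as non-overlapping ranges.

```python
import ipaddress

# Constructed sample policies. Field names are hypothetical, not the router's own settings.
SITE_A = {
    "local_wan": "203.0.113.10", "remote_endpoint": "198.51.100.20",
    "local_lan": "192.168.1.0/24", "remote_lan": "192.168.2.0/24",
    "ike": {"encryption": "AES-128", "auth": "SHA-256", "dh_group": 14, "sa_lifetime": 28800},
    "ipsec": {"encryption": "AES-128", "auth": "SHA-256", "pfs": True},
}
SITE_B = {
    "local_wan": "198.51.100.20", "remote_endpoint": "203.0.113.10",
    "local_lan": "192.168.2.0/24", "remote_lan": "192.168.1.0/24",
    "ike": {"encryption": "AES-128", "auth": "SHA-256", "dh_group": 14, "sa_lifetime": 3600},
    "ipsec": {"encryption": "AES-128", "auth": "SHA-256", "pfs": True},
}


def check_policy_pair(a, b):
    """Return a list of mismatches between two endpoints' policies (empty means consistent)."""
    problems = []
    net = ipaddress.ip_network
    for side, peer, name in ((a, b, "A"), (b, a, "B")):
        # VPN endpoint address: each side must point at the peer's address,
        # unless it accepts clients whose address is unknown (None).
        if side["remote_endpoint"] not in (None, peer["local_wan"]):
            problems.append(f"{name}: remote endpoint is not the peer's address")
        # Local & Remote LAN definition: each side must know the peer's LAN.
        if net(side["remote_lan"]) != net(peer["local_lan"]):
            problems.append(f"{name}: remote LAN differs from the peer's local LAN")
    # The 2 LANs must use different IP address ranges (checked here as no overlap).
    if net(a["local_lan"]).overlaps(net(b["local_lan"])):
        problems.append("local LANs overlap")

    # IKE parameters must match, except for the SA lifetime.
    def without_lifetime(ike):
        return {k: v for k, v in ike.items() if k != "sa_lifetime"}

    if without_lifetime(a["ike"]) != without_lifetime(b["ike"]):
        problems.append("IKE parameters differ")
    # IPSec parameters must match exactly.
    if a["ipsec"] != b["ipsec"]:
        problems.append("IPSec parameters differ")
    return problems


if __name__ == "__main__":
    print(check_policy_pair(SITE_A, SITE_B) or "policies are consistent")
```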