Configure Ipsec Tunnel Default Action - Digi TransPort WR11 User Manual

Configuring Virtual Private Networking (VPN)

Configure IPsec tunnel default action

Like a normal IP routing set-up, IPSec Tunnels have a default configuration that is applied if no specific
tunnel can be found. This is useful when, for example, you want to have a number of remote users
connect via a secure channel, for example, to access company financial information, but also still allow
general remote access to other specific servers on your network or the Internet.
É
Web
1. Go to Configuration > Network > Virtual Private Networking > IPsec Tunnels > IPsec
Default Action.
2. Configure the IPsec tunnel default action parameters:
When a packet is received which does not match any IPsec tunnel
How the router responds if a packet is received when there is no SA.
Drop the packet: Routes only packets that match a specified IPsec tunnel and discards
n
all other data. This has the effect of enforcing a secure connection to all devices behind
the router.
Pass the packet: Decrypts and authenticates all packets that match an IPsec tunnel,
n
depending on the IPsec tunnel's configuration. Data that does not match is also allowed
to pass.
When a packet is to be transmitted which does not match any IPsec tunnel
How the router will respond if a packet is transmitted when there is no SA.
Drop the packet: Routes only packets that match a specified IPsec tunnel and discards
n
all other data.
IPass the packet: Decrypts and authenticates all packets that match an IPsec tunnel,
n
depending on the IPsec tunnel's configuration. Data that does not match is also allowed
to pass.
3. Click Apply.
Digi TransPort® Routers User Guide
Configure Internet Protocol security (IPsec)
487