Field
IKE Version
IPsec Mode
Select Local Gateway
Remote Endpoint
Enable Mode Config
Enable NetBIOS
Enable RollOver
Protocol
Enable DHCP
Tunnel mode IPsec policies require local and remote traffic settings to be defined. For both local and remote endpoints configure the
following settings.
VPN Settings
Select the IKE version to be used. Choices are:
IKEv1
•
IKEv2
•
Select the IPsec mode. Choices are:
Tunnel Mode = most commonly used between gateways, or at an end-station to a gateway,
•
the gateway acting as a proxy for the hosts behind it.
Transport Mode = used between end-stations or between an end-station and a gateway, if the
•
gateway is being treated as a host — for example, an encrypted Telnet session from a
workstation to a router, in which the wireless controller is the actual destination.
If two Option ports are configured to connect to an ISP, select the gateway that will be used as
the local endpoint for this IPsec tunnel.
Select the type of identifier that you want to provide for the gateway at the remote endpoint.
Choices are:
IP Address
•
FQDN
•
Enables or disables the Mode Config feature. Mode Config is similar to DHCP and is used to
assign IP addresses to remote VPN clients, like iPhone VPN Client. Choices are:
Checked = enable Mode Config. If you enable Mode Config, configure the Mode Config
•
settings (see "Mode Config Settings" on page 109).
Unchecked = disable Mode Config.
•
Determined whether NetBIOS broadcasts travel over the VPN tunnel. For client policies, the
NetBIOS feature is available by default. Choices are:
Checked = allows NetBIOS broadcasts to travel over the VPN tunnel
•
Unchecked = disables NetBIOS broadcasts over the VPN tunnel.
•
Determines whether the VPN will roll over when Option Mode is set to Auto Rollover on the
Option Mode page. Choices are:
Checked = allows the VPN to roll over when Option Mode is set to Auto Rollover on the Option
•
Mode page.
Unchecked = disables VPN rollover.
•
Determines whether VPN clients obtain an assigned IP address using DHCP when they connect
to the wireless controller over IPsec. Choices are:
Checked = VPN clients get an IP address.
•
Unchecked = VPN clients do not get an IP address.
•
97
DWC-1000 Wireless Controller User's Guide
Description