1. Manuals
  2. Brands
  3. HotBrick Manuals
  4. Firewall
  5. Dual WAN Firewall VPN 1400/2
  6. User manual

HotBrick Dual WAN Firewall VPN 1400/2 User Manual

Dual wan vpn firewall
Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
Dual WAN Firewall VPN 1400/2
User's Guide
Version 1.0 Date : Nov 2006
Please Check www.hotbrick.com for the latest version

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the Dual WAN Firewall VPN 1400/2 and is the answer not in the manual?

Questions and answers

Related Manuals for HotBrick Dual WAN Firewall VPN 1400/2

Summary of Contents for HotBrick Dual WAN Firewall VPN 1400/2

  • Page 1 Dual WAN Firewall VPN 1400/2 User's Guide Version 1.0 Date : Nov 2006 Please Check www.hotbrick.com for the latest version...

  • Page 2: Table Of Contents

    Block URL... 40 Access Filter... 41 Session Limit... 42 SysFilter Exception……………………………………………………………………………….…. 43 7: VPN Configuration ……………………………………………………………………………………..44 Tunnel to HotBrick Unit ... 45 Tunnel to HotBrick client ………………………………………………..…………………………..45 Advanced settings ……………………………………………………………………………….…… 46 IPSec policy options …………………………………………………………………………..………49 VPN preset …………………………………………………………………………….…………..….. 50 SA List ………………………………………………………………………………….…………..….. 51 VPN log………………………………………………………………………………….…………..…..52...
  • Page 3 General Problems ... 73 Internet Access ... 73 APPENDIX D IPSEC TUNNEL EXAMPLES ... 74 Tunnel to HotBrick Unit ... 74 Copyright HotBrick 2006®. All Rights Reserved. Document Version: 1.0 All trademarks and trade names are the properties of their respective owners.

  • Page 4: 1:Introduction

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 1:Introduction Congratulations on the purchase of your new Dual WAN VPN Firewall. The Dual WAN VPN Firewall not only provides 2 WAN ports selections – it also provides Shared Broadband Internet Access for all LAN users.
  • Page 5 HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Supports all common Connection Methods All popular DSL and Cable Modems and connection methods are supported, including Fixed IP, Dynamic IP, PPPoE, and PPTP. Outbound/Inbound Traffic Load Balancing and Failover There are many load-balancing methods to allow administrators to manage the traffic from LAN or WAN to maximize bandwidth usage.

  • Page 6: Other Features

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Other Features 16-Port Switching Hub The Dual WAN VPN Firewall incorporates a 16-port 10 /100BaseT switching hub that allows you to quickly create or extend your LAN. DHCP Server Support Dynamic Host Configuration Protocol provides dynamic IP addresses to PCs and other devices upon request.

  • Page 7: Package Contents

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Package Contents The following items should be included: The Dual WAN VPN Firewall Unit Power Cord Quick Installation Guide CD-ROM containing the on-line manual. Note: If any of the above items are damaged or missing, please contact your dealer immediately.
  • Page 8 HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Some Status and Error conditions are indicated by combinations of LED’s, as shown below LED Action Status – System & Packets flash alternatively. Status – System & Packets flash concurrently. Status – System (Solid Off) & Packets (Solid On) Status –...

  • Page 9: Default Settings

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Rear Panel AC 100V ~ 240V Connect to AC100~240V / 50~60Hz with AC power cord. Default Settings When the Dual WAN VPN Firewall has finished booting, all configuration settings will initially be set to the factory defaults, including: IP Address set to its default value of 192.168.1.1, with a Network Mask of...
  • Page 10 HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Note: The supplied Windows TFTP utility also allows you to perform three (3) additional operations: Save the current configuration settings to your PC (use the "Save Configuration" button). Restore a previously saved configuration file to the Dual WAN VPN Firewall (use the "Upgrade Firmware"...

  • Page 11: 2: Quick Installation

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 2: Quick Installation Overview Initial Basic Setup of your Dual WAN VPN Firewall involves the following steps: Attach a PC to the Dual WAN VPN Firewall in port 3 ~ 16, and configure your LAN.
  • Page 12 HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 No Response? Is your PC using a Fixed IP address? If so, you must configure your PC to use an IP address within the range 192.168.1.2 to 192.168.1.254, with a Network Mask of 255.255.255.0. See Appendix B – Windows TCP/IP Setup for details.
  • Page 13 HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 8. Select LAN & DHCP from the menu. You will see a screen like the example below. 9. If your LAN already has a DHCP Server, and you wish to continue to use it, the following configuration is required.

  • Page 14: Installing

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Installing the Dual WAN VPN Firewall on your LAN 13. Ensure the Dual WAN VPN Firewall and the DSL/Cable modem are powered OFF. Leave the modem or modems connected to their data line. 14. Connect the Broadband modem or modems to the Dual WAN VPN Firewall.

  • Page 15: Lan & Dhcp

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 3. Quick Installation - LAN & DHCP Select LAN & DHCP from the menu. You will see a screen like the example below. Ensure these settings are suitable for your LAN. The default settings are suitable for most networks.
  • Page 16 HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 LAN IP Configuration: IP address - for the Dual WAN VPN Firewall, as seen from the local LAN. Use the default value unless the address is already in use or your LAN is using a different IP address range.

  • Page 17: Dhcp Client List

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 DHCP Client List This table shows the IP addresses that have been allocated by the DHCP Server. For each allocated address, the following information is displayed. Name – The ""hostname"" of the PC. In some cases, this may not be known.

  • Page 18: Primary Setup

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Quick installation Primary setup Connection mode Enable Select this if you have connected a broadband modem to this port. Disable – Select this if there is no broadband modem connected to this port. Backup – Use this if you have a broadband modem on each port, and wish to normally use only one.

  • Page 19: 3: Loadbalancing

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 3 : Loadbalancing This screen is only operational if using Internet connections on both WAN ports Figure 3-2: Load Balance Load balancing – Load Balancing Enable – Use this to enable your Load Balance settings. Unless this is checked, the other settings on this screen have no effect.

  • Page 20: 4: Advanced Wan

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 4 : Advanced WAN Port options Connection validation Health Check – If disabled, the Alive Indicator Check is not performed. The default is enabled. Health checking is performed by ICMP echo request and HTTP packets to the specified destination that could be either: the Name or IP Address the user specified in the “Alive Indicator”...

  • Page 21: Traffic Management

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Transparant bridge option Bridge Mode – If set to Enable, this WAN port does not use NAT or the Load Balance function when both the LAN and WAN have real IP addresses on the same network segment.

  • Page 22: Pppoe

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 The screen is required in order to use multiple PPPoE sessions on the same WAN port. It can also be used to manually connect or disconnect a PPPoE session. Advanced WAN – PPPoE Select WAN port & Session WAN Port –...

  • Page 23: Pptp

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Advanced WAN PPTP Advanced WAN WAN Port - Select the desired WAN port (click desired WAN on Connection Status). The data of the selected port will then be displayed in the WAN IP Account section.

  • Page 24: 5: Advanced Configuration

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 5 : Advanced Configuration Advanced configuration – Host IP This feature is used in the following situations: You have Multi-Session PPPoE, and wish to bind each session to a particular PC on your LAN. You wish to use the Access Filter feature. This requires that each PC is identified by using the Host IP screen.
  • Page 25 HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Reserve in DHCP – Select Enable to reserve a particular (LAN) IP address for a particular PC on your LAN. This allows the PC to use DHCP (Windows calls this "obtain an IP address automatically") while having an IP address that never changes.

  • Page 26: Dynamic Routing

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Advanced configuration – Routing Routing This section is only relevant if your LAN has other Routers or Gateways. If you don't have other Routers or Gateways on your LAN, you can ignore the Static Routing page completely.

  • Page 27: Configuring Other Routers On Your Lan

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Gateway – The IP Address of the Gateway or Router that the Dual WAN VPN Firewall must use to communicate with the destination above. (NOT the router attached to the remote segment.) Interface – Select the correct interface, usually "LAN". The "WAN" interface is only available if NAT (Network Address Translation) is disabled.

  • Page 28: Virtual Server

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 For Router A's Default Route Destination IP Address Network Mask Gateway IP Address 192.168.1.1 Metric For Router B's Default Route Destination IP Address Network Mask Gateway IP Address Interface Metric Virtual Server This feature allows you to make Servers on your LAN accessible to Internet users. Normally, Internet users are not able to access a server on your LAN because: Your Server's IP address is only valid on your LAN, not on the Internet.
  • Page 29 HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 PC using FTP Server (ftp://205.20.45.34) PC using Web Server (http://205.20.45.34) Note that, in this illustration, both Internet users are connecting to the same IP Address, but using different Connecting to the Virtual Server Once configured, anyone on the Internet can connect to your Virtual Servers. They must use the Dual WAN VPN Firewall Internet IP Address (the IP Address allocated by your ISP).

  • Page 30: Virtual Server Configuration

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Advanced configuration – virtual server This screen allows you to define your own Server types: Virtual Server Configuration Enable – The enable checkbox enables or disables each Virtual server as required. Server Name – Enter a name for this server. (By default, there are 12 well-known virtual servers on the Custom Virtual Server List that you may use.)
  • Page 31 HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Update – Save any changes you have made to the current entry. Cancel – Cancel any changes you have made since the last save operation. Virtual Server List - This table shows the detail for all Custom Virtual Server configuration data.

  • Page 32: Special Application

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Advanced configuration - Special Application If you use Internet applications that use non-standard connections or port numbers, you may find that they do not function correctly because they are blocked by the Dual WAN VPN Firewall. In this case, you must define the application as a "Special Application”...

  • Page 33: Dynamic Dns

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Special Application List - This list shows the details for all currently defined Special Applications. You can modify its configuration data by mouse clicking the appropriate row. Using a Special Application on your PC When the Special Applications screen is configured correctly, you can use the application on your PC normally.

  • Page 34: Additional Settings

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Dynamic DNS Service This pull-down menu can Enable/Disable the Dynamic DNS feature, and select the required service provider. Disable – Dynamic DNS is not used. TZO – Select this to use the TZO service (www.tzo.com). You must configure the TZO section of this screen.

  • Page 35: Multi Dmz

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Advanced Configuration - Multi DMZ This feature allows each WAN port IP address to be associated with one (1) computer on your LAN. All outgoing traffic from that PC will be associated with that WAN port IP address.

  • Page 36: Upnp Setup

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Advanced Configuration - UPnP Setup With the UPnP (Universal Plug & Play) function, it is easy to setup and configure an entire network to enable discovery and control of networked devices and services. UPnP Option - If UPnP is enabled, then this device will become one of the local network devices.

  • Page 37: Nat Setting

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Advanced Configuration – NAT Setting NAT Configuration NAT Routing – You can enable or disable NAT by using the checkbox. If you disable the NAT checkbox, it will act as a bridge or Static Router. Most features will be unavailable.

  • Page 38: Advanced Feature

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Advanced Configuration – Advanced Feature External Filters Configuration IDENT Port – Port 113 is associated with the Internet's (Identification / Authentication) service. When a client program in your computer contacts a remote server for services such as POP, IMAP, SMTP, that remote server sends back a query to the "Ident"...
  • Page 39 HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 settings to correct the problem. Enable - If enabled, the WAN port you specify will be used for all outgoing SMTP traffic. If disabled, either WAN port will be used. WAN – Select the desired WAN port to be bound.

  • Page 40: 6: Security Management

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 6 – Security Management Security Management – Block URL This feature allows you to block access to undesirable Web sites. You can block by URL, IP address, or Keyword. You can also have different blocking settings for different groups of PCs.

  • Page 41: Access Filter

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Security Management – Access Filter The network administrator can use the Access Filter to control the Internet access and applications available to LAN users. Five (5) user groups are available, and each group can have different access rights.

  • Page 42: Session Limit

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Port Blocking – There are two possible settings : No Filtering - all ports are open Block All Access – All ports are closed. When you make a new rule, the port will be opened for that entry (maximum number of rules you enter are 50 ).

  • Page 43: Sysfilter Exception

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Security Management – System Filter Exeption Sysfilter exception - System Filter Exception – will reject every packet with an unrecognized port to avoid port scan programs run by hackers but this also incurs problems when servers (e.g.

  • Page 44: 7: Vpn Configuration

    IPSec tunnel. There are two basic settings: Tunnel to HotBrick Unit - This describes how to setup an IPSec tunnel to a HotBrick VPN 401 VPNX2, LB-2 VPN, 1400/2, 800/8 F and HSS 6000.

  • Page 45: Tunnel To Hotbrick Unit

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 VPN Configuration – Tunnel to HotBrick Unit VPN Tunnel List– here you can add a new tunnel or change an existing one from the list. The router allows a maximum of 50 tunnels. Tunnel Name– In order to distinguish the tunnels, you have to give the “Tunnel” a unique name.

  • Page 46: Advanced Settings

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Tunnel to HotBrick Client – This describes an IPSec tunnel from a the VPN 1400/2 to the HotBrick Client Software. VPN Tunnel List– allows you to add a new tunnel or change an existing one on the list. The router can support a maximum of 50 tunnels.

  • Page 47: Security Level

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Tunnel Name– In order to distinguish the tunnel, you have to give the “Tunnel” a unique name. PPPoE Session– If you are using PPPoE to make the connection, and your ISP offers multiple PPPoE sessions, you can select these PPPoE sessions to construct VPN tunnels.

  • Page 48: Key Management

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Key management Key – Key Type: there are two key types (manual key and auto key) available for key exchange management. Manual Key: If manual key is selected, no key negotiation is needed. AutoKey (IKE)- There are two types of operation modes that can be used.

  • Page 49: Ipsec Policy Options

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 IPSec policy options Tunnel Attribute – The defined attributes for the tunnel. Dead Peer Detection - This setting allows you to use a WAN port for backup or for WAN failover in the event of a connection failure.

  • Page 50: Vpn Preset

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Set DF Flag- If this DF (Do not Fragment) flag is set, it means the fragmentation of this packet at the IP level is not permitted. VPN configuration – VPN preset ISAkmp Port– Internet Security Association and Key Protocol Management (ISAkmp) is designed to negotiate, establish, modify and delete security associations and their attributes.

  • Page 51: Sa List

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 VPN Configuration – SA List VPN configuration – SA list The list will display the details of all Policy Setup configuration data that you have setup. You can modify it by mouse-clicking each row.

  • Page 52: Vpn Log

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 VPN Configuration – VPN Log You can monitor the VPN status through the VPN log web page. The log level (priority) can be chosen from VPN IKE Global Setting web page. Message Status Priority – It This indicates the severity level of a message for analysis.

  • Page 53: 8: Qos Configuration

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 8: QoS Configuration QoS Configuration – overview The Dual WAN VPN Firewall provides QoS, which supports high quality network service. By prioritizing outgoing packets based on user-defined policies, the Quality of Service feature can result in real-time applications achieving better response or performance.

  • Page 54: Qos Setup

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 QoS Configuration – QoS Setup QoS Setup QoS Feature Enable QoS – This will allow users to enable the QoS function. Queuing Method - The method used to manage your queue. Priority queuing is one of the first queuing solutions to be widely implemented.
  • Page 55 HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Policy Name List – When adding a new Policy, ignore this list. To edit an existing entry, select it from the list and then click the "Select" button. The data fields will be updated with data for the selected entry.

  • Page 56: 9: Management Assistant

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 9 : Management Assistant Management assistant – Admin Password Enter the desired password, re-enter it in the Verify Password field, then save it. When you connect to the Load Balancer with your Browser, you will be prompted for the password as shown below.

  • Page 57: Email Alert

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Management Assistant – Email Alert This feature will send a warning Email to inform the system administrator that one of the WAN ports is disconnected. Enable/Disable Email Alert Enable – This enables Email Alert to send a warning email when a WAN port disconnects.

  • Page 58: Snmp

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Ping Before Notification - A threshold value for the maximum Pings allowed to each interface on this device in a minute. The valid values range from 0 to 9999. Management Assistant – SNMP This section is only useful if you have SNMP(Simple Network Management Protocol) software on a PC or server.

  • Page 59: Sntp Configuration

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Management Asssistant – Syslog This feature can send real time system information on the web page or to the specified PC. Syslog Delivery Sending out – Check this, if you want to send syslog messages to another machine.

  • Page 60: Upgrade Firmware

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Management Assistant - Upgrade Firmware This Upgrade Firmware Screen allows you to upgrade firmware on the system, to enable remote administration, and FTP upgrade. You can backup your system configuration by selecting "Save" next to "Save System Configuration".

  • Page 61: 10: Device Information

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 10: Device Status Once both the Dual WAN VPN Firewall and the PCs are configured, operation is automatic. However, some additional Internet configuration may be required for your specific network. Refer to Chapter 6 - Advanced Features for further details.

  • Page 62: Nat Statistics

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 DHCP Server – The status of the DHCP Server function - either "Enabled" or "Disabled". Device Status - WAN status NAT Statistics This section displays data for each WAN port. Connection status – This will display either Connected or Not Connected.
  • Page 63 HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Data – NAT Status LAN IP info IP Address – The LAN IP Address of the Dual WAN VPN Firewall. Mask Address – The Network Mask (Subnet Mask) for the IP Address above. Active WAN IP Info – There is one (1) row for each active connection. The following data is displayed for each connection: IP Address –...

  • Page 64: Device Information

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Device information – Device Information Device Information Firmware Version – Version of the Firmware currently installed. NAT – Status of the NAT feature – either “Enable” or “Disable”. Load Balance – Status of the Load Balance feature –either “Enable” or “Disable”.
  • Page 65 HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 If the "Restore Default Value" button on this screen is clicked: All your current settings will be erased. The default IP address, password and ALL other settings will be restored to the factory default values.

  • Page 66: Appendix A Specifications

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Appendix A Specifications Model HotBrick VPN 1400/2 Dual WAN Firewall Dimensions 120mm (W) x 427mm (D) x 43.4mm (H) Operating 0° C to 40° C Temperature Storage -10° C to 70° C Temperature Network protocol TCP/IP...

  • Page 67: Appendix B Windows Tcp/Ip Setup

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Appendix B Windows TCP/IP Setup Overview TCP/IP Settings If using the default Load Balancer settings, and the default Windows 95/98/ME/2000 settings, no changes need to be made. By default, the Dual WAN VPN Firewall will act as a DHCP Server, automatically providing a suitable IP Address (and related information) to each PC when the PC boots.
  • Page 68 HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Ensure your TCP/IP settings are correct, as follows: Using DHCP To use DHCP, select the radio button Obtain an IP Address automatically. This is the default Windows settings. Restart your PC to ensure it obtains an IP Address from the VPN 1400/2 Firewall Router.

  • Page 69: Checking Tcp/Ip Settings - Windows 2000

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 On the DNS Configuration tab, ensure Enable DNS is selected. If the DNS Server Search Order list is empty, enter the DNS address provided by your ISP in the fields beside the Add button, then click Add.
  • Page 70 HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Figure B-6: TCP/IP Properties (Win 2000) Ensure your TCP/IP settings are correct. Using DHCP To use DHCP, select the radio button Obtain an IP Address automatically. This is the default Windows setting. Restart your PC to ensure it obtains an IP Address from the Dual WAN VPN Firewall.

  • Page 71: Checking Tcp/Ip Settings - Windows Xp

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Checking TCP/IP Settings - Windows XP: 7. Select Control Panel - Network Connection. Right click the Local Area Connection and choose Properties. You should see a screen like the following: Figure B-7: Network Configuration (Windows XP) Select the TCP/IP protocol for your network card.
  • Page 72 HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Figure B-8: TCP/IP Properties (Windows XP) Ensure your TCP/IP settings are correct. Using DHCP To use DHCP, select the radio button obtain an IP Address automatically. This is the default Windows setting. Restart your PC to ensure it obtains an IP Address from the Multi-WAN VPN Link Balancer.

  • Page 73: Appendix C Troubleshooting

    HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 Appendix C Troubleshooting Overview This chapter covers some common problems that may be encountered while using the VPN Firewall and some possible solutions for them. If you follow the suggested steps and the VPN Firewall still does not function properly, contact your dealer for further advice.

  • Page 74: Appendix D Ipsec Tunnel Examples

    This example takes a tunnel between a VPN 1400/2 and a LB-2 VPN. This example applies to the HotBrick 401VPN X2, LB-2 VPN and 1400/2 series, you can use either unit at both sides. You can use the IP addresses from the network diagram above.
  • Page 75 HotBrick, Tel: 305-398-0888, Fax: 305-398-5966 First we will make settings in the VPN 1400/2 Next we will make settings for the LB-2 VPN Note : you need different subnets at both ends of the tunnel. This is because the IPSec tunnel will connect the two subnets so they need to be different in order to avoid IP address conflicts.
  • Page 76 HotBrick, Tel: 305-398-0888, Fax: 305-398-5966...

This manual is also suitable for:

Vpn 1400/2

Table of Contents