Motorola WS2000 System Reference Manual page 79

Wireless switch
4.6.6.4 How do I specify which certificate from the WS2000 certificate manager is used for
an IKE policy?
When generating a certificate to be used with IKE, you must use one of the following fields: IP address,
Domain Name, or E-mail address. Also make sure that you are using NTP when attempting to use the certificate
manager. Certificates are time sensitive.
On the IKE configuration page, Local ID type refers to the way that IKE selects a local certificate to use.
IP tries to match the local WAN IP to the IP addresses specified in a local certificate.
FQDN tries to match the user-entered local ID data string to the domain name field of the certificate.
UFQDN tries to match the user-entered local ID data string to the email address field of the certificate.
Remote ID type refers to the way you identify an incoming certificate as being associated with the remote side.
IP tries to match the remote gateway IP to the IP addresses specified in the received certificate.
FQDN tries to match the user-entered remote ID data string to the domain name field of the received certificate.
UFQDN tries to match the user-entered remote ID data string to the email address field of the received certificate.
4.6.6.5 I am using a direct cable connection between my two VPN gateways for testing and
cannot get a tunnel established, yet it works when I set them up across another network or
router. What gives?
The packet processing architecture of the WS2000 VPN solution requires a WAN default gateway to work
properly. When connecting two gateways directly, you would not normally need a default gateway, because the two
addresses are on the same subnet. As a workaround, you can point the WS2000 switch's WAN default
gateway to the other VPN gateway, and vice versa.
4.6.6.6 My WS2000 switch is a DHCP client on my WAN interface. How can I set up a tunnel
without knowing my WAN IP address?
First of all, one end of a VPN tunnel must have a static IP address. Assuming the other end of your VPN
tunnel has a static IP, here is how you configure your WS2000 switch to use a DHCP WAN address with VPN.
1. Your VPN tunnel entry must have the Local WAN IP set to 0.0.0.0.
2. If you are using IKE, the Local ID type (and corresponding Remote ID type on the other end) cannot be
set to IP, since the IP address is not known.
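The ID-type matching in 4.6.6.4 and the DHCP rule above can be checked before a tunnel is configured. The following is an added example, not code from the manual or the WS2000 firmware: the Cert record, the function names, the sample certificates and the case-insensitive comparison are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from ipaddress import ip_address

@dataclass
class Cert:  # hypothetical model of one certificate-manager entry
    name: str
    not_before: datetime
    not_after: datetime
    ips: tuple = ()
    domain: str = ""
    email: str = ""

def cert_matches(cert, id_type, id_data):
    """ID-type rules from 4.6.6.4; case-insensitive compare is an assumption."""
    if id_type == "IP":
        return ip_address(id_data) in {ip_address(i) for i in cert.ips}
    if id_type == "FQDN":
        return bool(cert.domain) and cert.domain.lower() == id_data.lower()
    if id_type == "UFQDN":
        return bool(cert.email) and cert.email.lower() == id_data.lower()
    raise ValueError(f"unknown ID type: {id_type}")

def select_local_cert(certs, id_type, id_data, wan_ip, now):
    """Return (cert or None, list of problems) for a local IKE identity."""
    problems = []
    if id_type == "IP":
        if wan_ip == "0.0.0.0":
            # DHCP WAN (4.6.6.6): the address is unknown, so an IP identity cannot match
            return None, ["Local WAN IP is 0.0.0.0 (DHCP); Local ID type cannot be IP"]
        id_data = wan_ip  # the IP type compares the WAN IP, not a user-entered string
    for cert in certs:
        if not cert_matches(cert, id_type, id_data):
            continue
        if not (cert.not_before <= now <= cert.not_after):
            problems.append(f"{cert.name}: outside validity period, check NTP and clock")
            continue
        return cert, problems
    problems.append(f"no valid certificate matches {id_type} {id_data!r}")
    return None, problems

UTC = timezone.utc
CERTS = [  # constructed sample entries, not real certificates
    Cert("branch-ip", datetime(2024, 1, 1, tzinfo=UTC), datetime(2026, 1, 1, tzinfo=UTC), ips=("203.0.113.10",)),
    Cert("branch-fqdn", datetime(2024, 1, 1, tzinfo=UTC), datetime(2026, 1, 1, tzinfo=UTC), domain="branch.example.com"),
    Cert("old-mail", datetime(2020, 1, 1, tzinfo=UTC), datetime(2021, 1, 1, tzinfo=UTC), email="vpn@example.com"),
]
NOW = datetime(2025, 6, 1, tzinfo=UTC)  # constructed "current time"
```

The same cert_matches check applies to the remote side, with the remote gateway IP or the remote ID data string compared against the received certificate.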
4-29
WAN Configuration
