Internet Over Ipsec Tunnel; Configuring Vpn Clients; Pptp / L2Tp Tunnels - D-Link DWC-1000 User Manual

Wireless Controller
connection between the controller and the RADIUS server with the authentication
protocol supported by the server (PAP or CHAP). For RADIUS – PAP, the controller
first checks in the user database to see if the user credentials are available; if they are
not, the controller connects to the RADIUS server.

8.2.2 Internet over IPSec tunnel

In this feature all the traffic will pass through the VPN Tunnel and from the Remote
Gateway the packet will be routed to Internet. On the remote gateway side, the
outgoing packet will be SNAT'ed.
8.3

Configuring VPN clients

Remote VPN clients must be configured with the same VPN policy parameters used in
the VPN tunnel that the client wishes to use: encryption, authentication, life time, and
PFS key-group. Upon establishing these authentication parameters, the VPN Cl ient user
database must also be populated with an account to give a user access to the tunnel.

VPN client software is required to establish a VPN tunnel between the
controller and remote endpoint. Open source software (such as OpenVPN or
Openswan) as well as Microsoft IPsec VPN software can be configured with
the required IKE policy parameters to establish an IPsec VPN tunnel. Refer
to the client software guide for detailed instructions on setup as well as the
controller's online help.
The user database contains the list of VPN user accounts that are authorized to use a
given VPN tunnel. Alternatively VPN tunnel users can be authenticated using a
configured Radius database. Refer to the online help to determine how to populate the
user database and/or configure RADIUS authentication.
8.4

PPTP / L2TP Tunnels

This controller supports VPN tunnels from either PPTP or L2TP ISP servers. The
controller acts as a broker device to allow the ISP's server to create a TCP control
connection between the LAN VPN client and the VPN server.
248
User Manual