Basic VPN Setup, Default Network – Nortel Networks NN46120-104 User Manual
Initial Setup
Basic VPN Setup
The following settings have been created:
• A VPN. The VPN is typically defined for access to an intranet, parts of
  an intranet or to an extranet.
• A virtual SSL server of the portal type. A portal IP address is assigned
  to it, to which the remote user should connect to access the Portal. If
  you chose to use the VPN feature without a Nortel Application Switch,
  the portal server is set to standalone mode.
• A test certificate has been installed and mapped to the portal server.
• The authentication method is set to Local database and you have one
  test user configured. The test user belongs to a group called trusted,
  whose access rules allow access to all networks, services and paths.
• One or several domain names are added to the DNS search list,
  which means that the remote user can enter a short name in the
  Portal’s various address fields (for example, inside instead of
  inside.example.com if example.com is added to the search list).
• If you chose to enable HTTP to HTTPS redirection, an additional
  server of the HTTP type was created to redirect requests made
  with HTTP to HTTPS, because the portal server requires an SSL
  connection.
Default Network
The wizard also creates a default network definition called intranet. In
short, network definitions are used to limit a remote user’s access rights to
different networks. Once a network definition has been created it can be
referenced in an access rule. The access rule states whether access to
the referenced network should be rejected or allowed.
Network definitions can be created, viewed or edited using the
/cfg/vpn #/aaa/network command. See the "Groups, Access Rules and Profiles"
chapter in the Application Guide for VPN for a full explanation of network
definitions in conjunction with access rules.
The intranet network definition is configured as Network 1. The subnets
included in intranet are based on private IP address space reservations as
defined in the RFC 1918 document:
• Network address: 192.168.0.0
  Network mask: 255.255.0.0
• Network address: 10.0.0.0
  Network mask: 255.0.0.0
• Network address: 172.16.0.0
  Network mask: 255.240.0.0
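The following Python example is added here and is not part of the Nortel manual or the gateway's own matching logic. It shows which destination addresses fall inside the three intranet subnets listed above, including the boundaries of the 255.240.0.0 mask. The function names and the one-rule model in evaluate_rule are hypothetical, and the sample destinations are constructed.

```python
import ipaddress

# The three subnets of the default "intranet" definition (Network 1), as
# listed on this page: (network address, network mask).
INTRANET = [
    ("192.168.0.0", "255.255.0.0"),
    ("10.0.0.0", "255.0.0.0"),
    ("172.16.0.0", "255.240.0.0"),
]


def build_definition(subnets):
    """Turn (address, mask) pairs into ip_network objects.

    strict=True rejects an address with host bits set under its mask,
    which catches typos such as 172.16.1.0 with mask 255.240.0.0.
    """
    return [ipaddress.ip_network(f"{addr}/{mask}", strict=True)
            for addr, mask in subnets]


def in_definition(definition, destination):
    """Return the matching subnet, or None if the destination is outside."""
    ip = ipaddress.ip_address(destination)
    for net in definition:
        if ip in net:
            return net
    return None


def evaluate_rule(definition, action, destination):
    """Hypothetical one-rule model (an assumption, not the gateway's code):
    the rule applies only to destinations inside the referenced network
    definition; for anything else it returns None (no decision)."""
    if action not in ("allow", "reject"):
        raise ValueError("action must be 'allow' or 'reject'")
    matched = in_definition(definition, destination) is not None
    return action if matched else None


if __name__ == "__main__":
    intranet = build_definition(INTRANET)
    # Constructed sample destinations, chosen to sit on the mask boundaries.
    for dest in ["10.255.255.255", "172.31.255.255", "172.32.0.1",
                 "192.168.1.10", "192.169.0.1", "203.0.113.5"]:
        print(f"{dest:16} -> {evaluate_rule(intranet, 'allow', dest)}")
```

Internal hosts that use addresses outside these three ranges are not covered by the default intranet definition, so a rule that references only intranet makes no decision about them in this model.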
Nortel VPN Gateway User Guide
NN46120-104 02.01 Standard 14 April 2008
Copyright © 2007-2008 Nortel Networks.