
Brocade Mobility 7131 Access Point Product Reference Guide (Supporting software release 4.4.0.0 and later) User Manual


53-1002517-01


NOTE

When creating a tunnel, the remote subnet and remote subnet mask must be that of the target
device’s LAN settings. The remote gateway must be that of the target device’s WAN IP address.

If access point #1 has the following values:

WAN IP address: 20.1.1.2
LAN IP address: 10.1.1.1
Subnet Mask: 255.0.0.0

Then, the VPN values for access point #2 should be:

Remote subnet: 10.1.1.0 or 10.0.0.0
Remote subnet mask: 255.0.0.0
Remote gateway: 20.1.1.2
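The rule in the note can be checked mechanically before a tunnel entry is saved. The Python sketch below is an added example, not code from the Brocade guide or the access point software; the function names, dictionary keys and the GOOD/BAD entries are constructed for illustration, and it assumes a remote subnet is acceptable whenever it lies inside the peer's LAN under the given mask.

```python
import ipaddress

# Access point #1's values, taken from the note above.
AP1 = {"wan_ip": "20.1.1.2", "lan_ip": "10.1.1.1", "mask": "255.0.0.0"}

def expected_tunnel(peer):
    """Values the note prescribes for the tunnel entry on the other access point."""
    lan = ipaddress.ip_network(f"{peer['lan_ip']}/{peer['mask']}", strict=False)
    return {"remote_subnet": str(lan.network_address),
            "remote_subnet_mask": str(lan.netmask),
            "remote_gateway": str(ipaddress.IPv4Address(peer["wan_ip"]))}

def check_tunnel(tunnel, peer):
    """Return a list of problems; an empty list means the entry matches the peer."""
    want = expected_tunnel(peer)
    peer_lan = ipaddress.ip_network(f"{peer['lan_ip']}/{peer['mask']}", strict=False)
    parsed, problems = {}, []
    for field in ("remote_subnet", "remote_subnet_mask", "remote_gateway"):
        try:
            # The fields are numeric (non-DNS), so a hostname is rejected here.
            parsed[field] = ipaddress.IPv4Address(tunnel[field])
        except ValueError:
            problems.append(f"{field}: {tunnel[field]!r} is not a numeric IPv4 address")
    if problems:
        return problems
    if str(parsed["remote_subnet_mask"]) != want["remote_subnet_mask"]:
        problems.append(f"remote_subnet_mask: expected {want['remote_subnet_mask']}")
    elif parsed["remote_subnet"] not in peer_lan:
        # Assumption: 10.1.1.0 and 10.0.0.0 both pass because each lies in the peer LAN.
        problems.append(f"remote_subnet: not inside peer LAN {peer_lan}")
    if str(parsed["remote_gateway"]) != want["remote_gateway"]:
        problems.append(f"remote_gateway: expected peer WAN IP {want['remote_gateway']}")
    return problems

# Constructed entries for access point #2.
GOOD = {"remote_subnet": "10.1.1.0", "remote_subnet_mask": "255.0.0.0",
        "remote_gateway": "20.1.1.2"}
BAD = {"remote_subnet": "10.0.0.0", "remote_subnet_mask": "255.0.0.0",
       "remote_gateway": "10.1.1.1"}   # peer's LAN IP entered instead of its WAN IP

if __name__ == "__main__":
    print(expected_tunnel(AP1))
    for name, entry in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_tunnel(entry, AP1) or "ok")
```

A tunnel whose remote gateway points at the peer's LAN address rather than its WAN address is the mismatch this check is meant to surface.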

3. If a VPN tunnel has been added to the list of available Mobility 7131 Access Point tunnels, use the VPN Tunnel Config field to optionally modify the tunnel’s properties.

Remote Subnet

The Remote Subnet column lists the remote subnet for each tunnel. The remote subnet is the subnet the remote network uses for connection.

Remote Gateway

The Remote Gateway column lists a remote gateway IP address for each tunnel. The numeric remote gateway is the gateway IP address on the remote network the VPN tunnel connects to. Ensure the address is the same as the WAN port address of the target gateway AP or switch.

Key Exchange Type

The Key Exchange Type column lists the key exchange type for passing keys between both ends of a VPN tunnel. If Manual Key Exchange is selected, this column displays Manual. If Auto (IKE) Key Exchange is selected, the field displays Automatic.

Tunnel Name

Enter a name to define the VPN tunnel. The tunnel name is used to uniquely identify each
tunnel. Select a name best suited to that tunnel’s function so it can be selected again in
the future if required in a similar application.

Interface name

Use the drop-down menu to specify the LAN1, LAN2 or WAN connection used for routing
VPN traffic. Remember, only one LAN connection can be active on the access point
Ethernet port at a time. The LAN connection specified from the LAN screen to receive
priority for Ethernet port connectivity may be the better subnet to select for VPN traffic.

Local WAN IP

Enter the WAN’s numerical (non-DNS) IP address in order for the tunnel to pass traffic to a
remote network.

Remote Subnet

Specify the numerical (non-DNS) IP address for the Remote Subnet.

Remote Subnet Mask

Enter the subnet mask for the tunnel’s remote network. The remote subnet mask is the subnet setting for the remote network the tunnel connects to.

Remote Gateway

Enter a numerical (non-DNS) remote gateway IP address for the tunnel. The remote
gateway IP address is the gateway address on the remote network the VPN tunnel
connects to.

Default Gateway

Displays the WAN interface's default gateway IP address.

Manual Key Exchange

Selecting Manual Key Exchange requires you to manually enter keys for AH and/or ESP encryption and authentication. Click the Manual Key Settings button to configure the settings.

Manual Key Settings

Select Manual Key Exchange and click the Manual Key Settings button to open a screen where AH authentication and ESP encryption/authentication can be configured and keys entered. For more information, see Configuring Manual Key Settings on page 6-221.