AirLive WN-300ARM-VPN User Manual

AirLive WN-300ARM-VPN User’s Manual

83

Local LAN

Local LAN

This identifies which PCs on your LAN are covered by this policy. For each

selection, data must be provided as follows:

 Single

address

Enter an IP address in the "IP address" field. Typically, this setting is

used when you wish to make a single Server on your LAN available to

remote users.

 Subnet

address

Enter an IP address in the "IP address" field, and the desired network

mask in the "Subnet Mask" field.

The remote VPN endpoint must have these IP addresses entered as its

"Remote" addresses.

Remote LAN

Remote LAN

This identifies which PCs on the remote LAN are covered by this policy. For

each selection, data must be provided as follows:

 Single

address

Enter an IP address in the "IP address" field. This must be an address

on the remote LAN. Typically, this setting is used when you wish to

access a server on the remote LAN.

 Subnet

address

Enter an IP address in the "IP address" field, and the desired network

mask in the "Subnet Mask" field.

The remote VPN endpoint must have these IP addresses entered as its

"Local" addresses.

IKE

Direction

This setting is used when determining if the IKE policy matches the current

traffic. Select the desired option.

 Responder only - Incoming connections are allowed, but outgoing

connections will be blocked.

 Initiator and Responder - Both incoming and outgoing connections are

allowed.

Exchange Mode

IPSec has 2 possibilities - "Main Mode" and "Aggressive Mode".

WN-300ARM-VPN only supports "Main Mode". So, user also has to ensure

the remote VPN endpoint is set to use "Main Mode".

Diffie-Hellman

(DH) Group

The Diffie-Hellman algorithm is used when exchanging keys. The DH

Group setting determines the number of bit size used in the exchange. This

value must match the value used on the remote VPN Gateway.