VPN Quick Start – Amer Networks E5Web GUI User Manual

9.2. VPN Quick Start
Overview
Later sections in this chapter will explore VPN components in detail. To help put those later
sections in context, this section is a quick start summary of the steps needed for VPN setup.
It outlines the individual steps in setting up VPNs for the most common scenarios. These are:
• IPsec LAN to LAN with Pre-shared Keys
• IPsec LAN to LAN with Certificates
• IPsec Roaming Clients with Pre-shared Keys
• IPsec Roaming Clients with Certificates
• L2TP Roaming Clients with Pre-Shared Keys
• L2TP Roaming Clients with Certificates
• PPTP Roaming Clients
Common Tunnel Setup Requirements
Before looking at each of these scenarios separately, it is useful to summarize the common cOS
Core requirements when setting up any VPN tunnel, regardless of the type.
• Define the Tunnel
Firstly we must define the tunnel itself. cOS Core has various tunnel object types which are
used to do this, such as an IPsec Tunnel object.
• A Route Must Exist
Before any traffic can flow into the tunnel, a route must be defined in a cOS Core routing table.
This route tells cOS Core which network can be found at the other end of the tunnel so it
knows which traffic to send into the tunnel.
In most cases, this route is created automatically when the tunnel is defined and this can be
checked by examining the routing tables.
If a route is defined manually, the tunnel is treated exactly like a physical interface in the
route properties, as it is in other aspects of cOS Core. In other words, the route is saying to
cOS Core that a certain network is found at the other end of the tunnel.
• Define an IP Rule to Allow VPN Traffic
An IP rule must be defined that explicitly allows traffic to flow between a network and the
tunnel. As with route definitions, the tunnel is treated exactly like a physical interface when
defining the IP rule.
IP rules are not created automatically after the tunnel object is defined. If they do not
exist, no traffic can flow through the tunnel and it will instead be dropped.
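The three requirements above can be checked together before a tunnel is put into service. The following is an added example, not cOS Core code or syntax: a small Python model that shows traffic being dropped when a tunnel has a route but no IP rule. The interface names, networks, most-specific-route lookup, top-down rule matching and the need for a rule in each direction are assumptions of the model.

```python
import ipaddress

# Constructed sample configuration (hypothetical names, not cOS Core syntax).
CONFIG = {
    "tunnels": ["ipsec_hq", "ipsec_branch"],
    # (destination network, interface): a tunnel is routed like any interface
    "routes": [("192.168.10.0/24", "lan"),
               ("10.1.0.0/16", "ipsec_hq"),
               ("10.2.0.0/16", "ipsec_branch")],
    # (action, src_if, src_net, dst_if, dst_net), evaluated top-down
    "rules": [("allow", "lan", "192.168.10.0/24", "ipsec_hq", "10.1.0.0/16"),
              ("allow", "ipsec_hq", "10.1.0.0/16", "lan", "192.168.10.0/24")],
}

def route_lookup(cfg, dst):
    """Return the interface of the most specific route containing dst, or None."""
    ip = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(n), i) for n, i in cfg["routes"]
            if ip in ipaddress.ip_network(n)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def decide(cfg, src_if, src, dst):
    """Model of the forwarding decision: route first, then first matching rule."""
    dst_if = route_lookup(cfg, dst)
    if dst_if is None:
        return "drop (no route)"
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, r_sif, r_snet, r_dif, r_dnet in cfg["rules"]:
        if (r_sif == src_if and r_dif == dst_if
                and s in ipaddress.ip_network(r_snet)
                and d in ipaddress.ip_network(r_dnet)):
            return f"{action} via {dst_if}"
    return f"drop (no IP rule for {src_if} -> {dst_if})"

def audit(cfg):
    """List tunnels that lack a route, or an allow rule in either direction."""
    findings = []
    for t in cfg["tunnels"]:
        if not any(i == t for _, i in cfg["routes"]):
            findings.append(f"{t}: no route")
        if not any(r[0] == "allow" and r[3] == t for r in cfg["rules"]):
            findings.append(f"{t}: no allow rule into tunnel")
        if not any(r[0] == "allow" and r[1] == t for r in cfg["rules"]):
            findings.append(f"{t}: no allow rule out of tunnel")
    return findings

if __name__ == "__main__":
    print(decide(CONFIG, "lan", "192.168.10.5", "10.2.4.4"))
    print("\n".join(audit(CONFIG)))
```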
The following sections will look at the detailed setup for each of the VPN scenarios listed earlier.
Chapter 9: VPN