3Com 3CR856-95 Network Router User Manual


 
53
Configuring VPNs
A Virtual Private Network (VPN) is a secure tunnel between
networks or between a network and a user. The Gateway
supports both network to network connections and network to
remote client connections.
The Gateway supports IPSec tunnels, L2TP over IPSec, and PPTP
connections and allows VPN pass-through to enable other secure
devices on your network to set up their own secure connections.
Your Cable/DSL modem and your ISP must support IPSec
pass-through, L2TP over IPSec pass-through or PPTP pass-through
for you to be able to use these protocols.
See
The Virtual Servers Menu on page 45 for details to
configure pass-through protocols.
Setting the VPN Mode
The Gateway supports three modes of VPN operation:
IPSec Enabled — IPSec (Internet Protocol Security) is a
complex secure protocol with a variety of different encryption
methods. When setting up an IPSec connection between two
devices they must support the same encryption method.
L2TP over IPSec Enabled — L2TP over IPSec is a combination
of protocols which authenticates a user (using L2TP) and
encrypts data (using IPSec). See
L2TP Configuration on
page 54
.
PPTP Server Enabled — PPTP (Point-to-Point Tunnelling
Protocol) is an encrypted VPN protocol like IPSec. It is not as
secure as IPSec but is easy to administrate. PPTP does not
support Gateway to Gateway connections and is only suitable
for connecting remote users.
Enabling IPSec VPN will disable pass-through to IPSec and
L2TP/IPSec Virtual Servers on the LAN. Enabling L2TP over IPSec
will disable pass-through to IPSec and L2TP/IPSec Virtual Servers
on the LAN. Enabling the PPTP server will disable PPTP
pass-through to a Virtual Server on the LAN. Pass-through
outbound from clients on the LAN to servers on the internet is
unaffected.
A VPN Tunnel needs the same protocol on both sides of the
connection. If you are trying to establish an IPSec connection
with another Gateway or with a user the other Gateway must
support IPSec or the user must have software installed that
supports IPSec VPN.
The VPN Mode menu is shown in Figure 51
below. Choose from
the options by clicking in the appropriate radio button under
VPN Server Setup.
IPSec Configuration
In the IPSec Configuration field, enter This Gateway’s ID as an
Internet IP address or name of the Gateway that you are
configuring. This value is common across all IPSec connections
but does not apply to PPTP connections. If PPTP only is enabled,
This Gateway’s ID field does not appear.
If you require main mode IPSec connections then this value must
be the public IP address of the Gateway.
dua08 569-5aaa02.book Pag e 53 Thursday , Novem ber 7 , 2002 3:09 PM