Filter
Top Products
32 Chapter 2 - IP Routing & Bridging
Once you have created a VPN port, you may access the TCP/IP Routing:
VPN Configuration Dialog Box by clicking TCP/IP Routing under the VPN
port’s icon.
A VPN port is a virtual port which handles tunneled traffic. Tunnels are
virtual point-to-point connections through a public network such as the
Internet. All packets sent through a VPN tunnel are IP-encapsulated packets,
including AppleTalk, IPX and even IP packets. This encapsulation is added
or removed, depending on the direction, by “Tunnel Partner” routers. Once a
packet reaches the remote Tunnel Partner, the TCP/IP encapsulation is
stripped off, leaving the original protocol. The unencapsulated packet is then
handled according to the VPN port’s protocol configuration settings.
Networks connected via a tunnel will communicate as if they are on the same
network, even though they are separated by the Internet.
v Note: Remember that you must set up both ends of every tunnel. Therefore,
you must repeat this setup with the remote router.
> IP Routing/IP Bridging/IP Off
This set of radio buttons controls how IP packets are handled for this inter-
face.
• If set to IP Routing, then IP packets received on this interface are routed
to the correct interface on the device.
• If set to IP Bridging, then any IP packets received on this interface are
forwarded to the device’s internal bridge. This setting makes this VPN
port a member of the “IP Bridge Group” for this device.
v Note: The IP Bridging radio button will be grayed out unless bridging has
been turned on globally for the device using the Main Bridging Configuration
Dialog Box (under Global/Bridging) and locally on this interface using the
Bridging: VPN Dialog Box (under VPN/Bridging).
• If set to IP Off, then any IP packets received on this interface are
discarded.
Numbered Interface
This check box determines whether the VPN port will have an IP network
number associated with it.
VPN tunnels are essentially point-to-point links. These links do not generally
require a network number because all traffic sent from one end is, by defini-
tion, destined for the other end. However, you may wish to assign an address
for network tracking purposes.