LANCOM Reference Manual LCOS 3.50 ̈ Chapter 14: Virtual Private Networks—VPN
312
Virtual Private Networks—
VPN
̈ When only a portion of the local intranet is to be available to the remote
network, then the automatic method is unsuited as the IP address range
that is open to the VPN connection is too large.
̈ In many network structures, the local network is connected by further
routers to sections of other networks with their own IP address ranges.
Additional settings are required to include these address ranges in the
network relationship.
In these cases, the network relationships that describe the source and target
networks must be entered manually. Depending on the situation, the scope of
the automatically generated VPN rules may be extended, although sometimes
it is better to deactivate the automatic VPN system to prevent unwanted
network relationships.
The necessary network relationships are defined by the appropriate firewall
rules under the following circumstances:
̈ In the firewall rules, the option “Consider this rule when generating VPN
rules” must be activated.
IP: 10.1.0.1 to 10.1.0.50
Net mask: 255.255.0.0
IP: 10.2.0.2 to 10.2.0.99
Net mask: 255.255.0.0
IP network: 10.1.0.0
Net mask: 255.255.0.0
IP network: 10.2.0.0
Net mask: 255.255.0.0
IP network:
10.1.0.0
Net mask:
255.255.0.0