Filter
Top Products
Chapter 3
Advanced Configuration
19
Wireless-N ADSL2+ Gateway
Security > VPN
Security > VPN Tunnel
Establishing a Tunnel
The Gateway creates a tunnel or channel between two
endpoints, so that the data or information between these
endpoints is secure. To establish this tunnel, select the
tunnel you wish to create in the Select Tunnel Entry drop-
down box. It is possible to create up to two simultaneous
tunnels. To delete a tunnel, click the Delete button. To view
a summary of that tunnel, click the Summary button.
VPN Summary
Then check the box next to Enable to enable the tunnel.
Once the tunnel is enabled, enter the name of the tunnel
in the Tunnel Name field. This is to allow you to identify
multiple tunnels and does not have to match the name
used at the other end of the tunnel.
Local Secure Group and Remote Secure Group
A Local Secure Group is a computer(s) on your network
that can access the tunnel. A Remote Secure Group is a
computer (s) on the remote end of the tunnel that can
access the tunnel. Under Local Secure Group, you may
choose from Subnet and IP address. Under Remote Secure
Group, you may choose from IP address, Subnet, and Any.
Subnet If you select Subnet (which is also the default),
this will allow all computers on the local subnet to access
the tunnel. When using the Subnet setting, the default
values of 0 should remain in the last fields of the IP and
Mask settings.
IP Address If you select IP Address, only the computer
with the specific IP address that you enter will be able to
access the tunnel.
Any If you select Any for the Remote Security Group, the
local VPN Router will accept a request from any IP address.
This setting should be chosen when the other endpoint is
using DHCP or PPPoE on the Internet side.
Remote Security Gateway
The Remote Security Gateway is the VPN device, such as a
second VPN Router, on the remote end of the VPN tunnel.
Under Remote Security Gateway, you have three options:
IP address, FQDN, and Any. In this section, you can also set
the levels and types of encryption and authentication.
IP Address If you select IP Address, enter the IP address of
the VPN device at the other end of the tunnel. The remote
VPN device can be another VPN Router, a VPN Server, or
a computer with VPN client software that supports IPSec.
The IP address may either be static (permanent) or dynamic
(changing), depending on the settings of the remote VPN
device. Make sure that you have entered the IP address
correctly, or the connection cannot be made. Remember,
this is NOT the IP address of the local VPN Router, but the
IP address of the remote VPN Router or device with which
you wish to communicate.
FQDN (Fully Qualified Domain Name) If you select
FQDN, enter the FQDN of the VPN device at the other
end of the tunnel. The remote VPN device can be another
VPN Router, a VPN Server, or a computer with VPN client
software that supports IPSec. The FQDN is the host name
and domain name for a specific computer on the Internet,
for example, vpn.myvpnserver.com.
Any If you select Any for the Remote Security Gateway,
the VPN device at the other end of the tunnel will accept
a request from any IP address. The remote VPN device can
be another VPN Router, a VPN Server, or a computer with
VPN client software that supports IPSec. If the remote
user has an unknown or dynamic IP address (such as a
professional on the road or a telecommuter using DHCP
or PPPoE), then Any should be selected.
Encryption Using encryption helps make your connection
more secure. The encryption type used must be the same
type of encryption that is being used by the VPN device
at the other end of the tunnel. You may choose not to
encrypt by selecting Disable.