Netopia 4000-Series Network Router User Manual


 
Internet Key Exchange (IKE) IPsec Key Management for VPNs 5-15
support for sub-netting, host and network range addressing modes
works with manual keying and Internet Key Exchange (IKE)
each IPsec network works under the same local/remote tunnel endpoints
Select Add Network and press Return. The Add Network Configuration screen appears.
The Remote Member Format and Local Member Format pop-up menus allow you to choose a format for
your network end points: Subnet, Range, or a single Host Address.
If you choose Subnet, you must enter the Remote Member Address and the subnet mask that is the
Remote Member Mask.
Enter the Local Member Address and the Local Member Mask in their respective fields.
If you choose Range, the next two fields become Remote Member 1st Address and Remote Member
Last Address. You supply these values.
Complete the Local Member 1st Address and Local Member Last Address fields.
If you choose Host Address, you need only supply the Remote Member Address and the Local Mem-
ber Address; the other fields are hidden.
Select COMMIT and press Return to add the configuration. This returns you to the IP Profile Parameters
screen. Select COMMIT and press Return in the IP Profile Parameters screen. This returns you to the
Change Connection Profile screen. Select COMMIT and press Return in the Change Connection Profile
screen.
Note:
• Any two IPsec tunnels differ only by the local/remote networks they are intended to reach; they have the
same encryption policy, which is derived from the base profile.
• The feature is limited to 8 networks per tunnel.
Add Network Configuration
+--------------+
+--------------+
Remote Member Format... | Subnet |
Remote Member Address: | Range |
Remote Member Mask: | Host Address |
Local Member Format... +--------------+
Local Member Address: 0.0.0.0
Local Member Mask: 0.0.0.0
COMMIT CANCEL