Perle Systems 5500161-40 Server User Manual


 
Configuring a Virtual Private Network
342 IOLAN SDS/SCS/STS/MDC User’s Guide, Version 4.0
Network-to-Network
The following examples shows how to configure a network-to-network IPsec tunnel. This example
uses the X.509 Certificate authentication method, so it includes the configuration requirements for the
X.509 certificate.
NAT Traversal (NAT_T) is enabled in this example (on both sides) because the
VPN tunnel is going private network to public network to private network. Notice also that the serial
devices connected to the IOLAN can be accessed by the VPN tunnel, since they are included in the
network configuration as part of the
172.16.45.0 subnetwork.
Remote VPN
Gateway
172.16.45.84
172.16.45.1
Internet
172.16.45.23
192.168.45.45
192.168.45.12
192.168.45.87
External IP Address
196.15.23.56
172.16.45.99
192.168.45.99
Router
Router
External IP Address
199.15.23.56
Left
Right
IPsec Tunnel--Encrypted Data
Unencrypted
Data
Unencrypted
Data
1. Configure the IPsec tunnel in the IOLAN:
2. Click the Remote Validation Criteria button and enable and populate the fields that are required
for the remote X.509 certificate validation. If you just want to validate the X.509 certificate
signer, you do not need to enable any of the remote validation criteria fields.