AP-5131 Usage Scenarios
B-17
• UFQDN - tries to match the user entered remote ID data string to the email address field of
the received certificate.
• Question 9: I am using a direct cable connection between my two VPN gateways
for testing and cannot get a tunnel established, yet it works when I set them up
across another network or router. Why?
The packet processing architecture of the AP-5131 VPN solution requires the WAN default
gateway to work properly. When connecting two gateways directly, you don't need a default
gateway when the two addresses are on the same subnet. As a workaround, point the AP-
5131's WAN default gateway to be the other VPN gateway and vice-versa.
• Question 10: I have setup my tunnel and the status still says 'Not Connected'. What
should I do now?
VPN tunnels are negotiated on an "as-needed" basis. If you have not sent any traffic
between the two subnets, the tunnel will not get established. Once a packet is sent between
the two subnets, the VPN tunnel setup occurs.