Symbol Technologies AP-5131 Network Router User Manual


 
AP-5131 Usage Scenarios
B-19
These three rules should be configured above all other rules (default or user defined). When
Advanced LAN Access is used, certain inbound/outbound rules need to be configured to
control incoming/outgoing packet flow for IPSec to work properly (with Advanced LAN
Access). These rules should be configured first before other rules are configured.
Question 13: Do I need to add any special routes on the AP-5131 to get my VPN
tunnel to work?
No. However, clients could need extra routing information. Clients on the local LAN side
should either use the AP-5131 as their gateway or have a route entry tell them to use the
AP-5131 as the gateway to reach the remote subnet.
B.3 Replacing an AP-4131 with an AP-5131
The AP-5131’s modified default configuration enables an AP-5131 to not only operate in a single-cell
environrment, but also function as a replacement for legacy Symbol AP-4131 model access points.
You cannot port an AP-5131’s configuration file to an AP-5131, but you can configure an AP-5131
similarly and provide an improved data rate and feature set.
An AP-4131 has only one LAN port and it is defaulted to DHCP/BOOTP enabled. The AP-5131 is
optimized for single-cell deployment, so it should allow the customer to use an AP-5131 as a
”drop-in” replacement for an existing AP-4131 deployment. However, to optimally serve as a
replacement for existing AP-4131 deployments, the AP-5131’s “out-of-box” defaults are now set as
follows:
The AP-5131’s LAN1 port must default to DHCP client mode
The AP-5131’s LAN2 port must default to DHCP server mode
The AP-5131’s WAN port must default to Static mode.
The default gateway now defaults to LAN1.
Scr <Remote Subnet IP range>
Dst <WAN IP address>
Transport UDP
Scr port 1:65535
Dst port 500
Rev NAT None