Symbol Technologies WS 2000 Switch User Manual

Open as PDF

of 494

WAN Configuration 4-21

These rules must be above (higher in priority than) any default or other rules that would process these packets differently.

Do I need to add any special routes on the WS 2000 switch to get my VPN tunnel to work?

No. Packets for VPN are tunneled directly to the Remote VPN gateway. As long as a route exists to the Remote VPN gateway,

no other routes are required.

Clients, however, might need extra routing information to tell them to use the WS 2000 switch as the gateway to reach the

remote subnet. This is only required if the clients are not using the WS 2000 switch as their default gateway.

Can I setup the WS 2000 Wireless Switch so that clients can both access the WAN normally and use

the VPN when talking only to specific networks?

Yes. Only packets that are going from the defined local subnet to the remote subnet will be send through the VPN tunnel.

All other packets will be handled by whatever firewall rules are set.

How do I specify which certificates to use from the WS 2000 certificate manager to be used for an IKE

policy?

When generating a certificate to be used with IKE, you must use one of the following fields: IP address, Domain Name, or

Email address. Also make sure that you are using NTP when attempting use the certificate manager. Certificates are time

sensitive.

Src port

1:65535

Dst port

500

Rev NAT

None

On the IKE configuration page, Local ID type refers to the way that IKE

selects a local certificate to use.

IP tries to match the local WAN IP to the IP addresses specified

in a local certificate.

FQDM tries to match the user entered local ID data string to the

domain name field of the certificate.

UFQDM tries to match the user entered local ID data string to

the email address field of the certificate.

Remote ID type refers to the way you identify an incoming certificate as

being associated with the remote side.

IP tries the match the remote gateway IP to the IP addresses

specified in the received certificate.

FQDM tries to match the user entered remote ID data string to

the domain name field of the received certificate.

UFQDM tries to match the user entered remote ID data string to

the email address field of the received certificate.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Symbol Technologies WS 2000 Switch User Manual