D-Link DFL-860E User Manual for DFL-260E - Page 413
Chapter 9. VPN

9.2. VPN Quick Start

Overview

Later sections in this chapter will explore VPN components in detail. To help put those later sections in context, this section is a quick start summary of the steps needed for VPN setup.

It outlines the individual steps in setting up VPNs for the most common scenarios. These are:

• IPsec LAN to LAN with Pre-shared Keys
• IPsec LAN to LAN with Certificates
• IPsec Roaming Clients with Pre-shared Keys
• IPsec Roaming Clients with Certificates
• L2TP Roaming Clients with Pre-shared Keys
• L2TP Roaming Clients with Certificates
• PPTP Roaming Clients

Common Tunnel Setup Requirements

Before looking at each of these scenarios separately, it is useful to summarize the common NetDefendOS requirements when setting up any VPN tunnel, regardless of the type.

• Define the Tunnel

  First, the tunnel itself must be defined. NetDefendOS has various tunnel object types which are used to do this, such as an IPsec Tunnel object.

• A Route Must Exist

  Before any traffic can flow into the tunnel, a route must be defined in a NetDefendOS routing table. This route tells NetDefendOS which network can be found at the other end of the tunnel so it knows which traffic to send into the tunnel.

  In most cases, this route is created automatically when the tunnel is defined, and this can be checked by examining the routing tables.

  If a route is defined manually, the tunnel is treated exactly like a physical interface in the route properties, as it is in other aspects of NetDefendOS. In other words, the route is saying to NetDefendOS that a certain network is found at the other end of the tunnel.

• Define an IP Rule to Allow VPN Traffic

  An IP rule must be defined that explicitly allows traffic to flow between a network and the tunnel. As with route definitions, the tunnel is treated exactly like a physical interface when defining the IP rule.

  IP rules are not created automatically after the tunnel object is defined. If they do not exist, no traffic can flow through the tunnel; it is dropped instead.

The following sections will look at the detailed setup for each of the VPN scenarios listed earlier.
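The three requirements above can be checked mechanically against an exported configuration. The following is an added example, not part of the D-Link manual and not NetDefendOS syntax: the data model, the names (ipsec_hq, ipsec_branch, lan) and the addresses are constructed, and checking each direction of connection initiation separately is an assumption of this sketch.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Route:
    interface: str  # physical interface or tunnel the network is reached through
    network: str

@dataclass
class IPRule:
    action: str
    src_if: str
    src_net: str
    dst_if: str
    dst_net: str

def covers(outer: str, inner: str) -> bool:
    """True if network `inner` lies entirely inside network `outer`."""
    return ipaddress.ip_network(inner).subnet_of(ipaddress.ip_network(outer))

def audit_tunnel(tunnel, remote_net, routes, rules):
    """Return the unmet setup requirements for one tunnel (empty list = OK)."""
    findings = []
    # A route must send the remote network into the tunnel.
    if not any(r.interface == tunnel and covers(r.network, remote_net)
               for r in routes):
        findings.append("no route for %s via %s" % (remote_net, tunnel))
    # An explicit Allow rule must exist; the tunnel is matched like an interface.
    outbound = any(r.action == "Allow" and r.dst_if == tunnel
                   and covers(r.dst_net, remote_net) for r in rules)
    inbound = any(r.action == "Allow" and r.src_if == tunnel
                  and covers(r.src_net, remote_net) for r in rules)
    if not outbound:
        findings.append("no Allow rule into %s: traffic dropped" % tunnel)
    if not inbound:
        findings.append("no Allow rule from %s: traffic dropped" % tunnel)
    return findings

# Constructed sample configuration (illustrative names and addresses only).
ROUTES = [Route("lan", "192.168.1.0/24"), Route("ipsec_hq", "10.0.0.0/16")]
RULES = [IPRule("Allow", "lan", "192.168.1.0/24", "ipsec_hq", "10.0.0.0/16")]

def demo():
    return {
        "ipsec_hq": audit_tunnel("ipsec_hq", "10.0.5.0/24", ROUTES, RULES),
        "ipsec_branch": audit_tunnel("ipsec_branch", "172.16.0.0/24", ROUTES, RULES),
    }
```

In the sample, ipsec_hq has its route and a rule towards the tunnel but nothing for connections arriving from it, while ipsec_branch fails all three checks.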