Lancom Systems LCOS 3.50 User Manual

Page 310

Advertising
background image

LANCOM Reference Manual LCOS 3.50

̈

Chapter 14: Virtual Private Networks—VPN

310

V

irt

ua

l Pri

vat

e Ne

two

rks—

VP

N

̈

Definition of the tunnel endpoints

̈

Definition of the security-related parameters (IKE and IPSec)

̈

Definition of the VPN network relationships, i.e. the IP address ranges to
be connected. Should the IP ranges overlap at both ends of the
connection, please refer to the section ’N:N mapping’ auf Seite 80.

̈

When coupling Windows networks (NetBIOS/IP): Without WINS servers at
both ends of the VPN connection (such as when linking a home office),
the LANCOM can take over the necessary NetBIOS proxy functions. To this
end, the NetBIOS module in the LANCOM must be activated, and the
corresponding VPN remote site must be entered into the NetBIOS module
as the remote site. Should WINS servers be present in both of the coupled
networks, then the NetBIOS module should be deactivated so that the
LANCOM does not perform NetBIOS proxy functions.

̈

When using LANCOM Dynamic VPN: Entry for the corresponding remote
site in the PPP list with a suitable password for the Dynamic VPN
handshake. The username entered here must correspond with the name
entered in the remote device that describes the VPN connection to this
local device. Activate "IP routing". If Windows networks are also to be
coupled, then the NetBIOS entry should be activated here.

The tunnel endpoints, i.e. the local VPN gateway and each of the VPN remote
stations, are entered into the VPN connection list.

Manually configuring the VPN connection involves the following steps:

Create an entry for the remote VPN gateway in the connection list and
enter its public IP address.

The security parameters for the VPN connection are normally taken from
the prepared list, and all that is required here is to define an IKE key.

For a Dynamic VPN connection, create a new entry in the PPP list with the
name of the remote VPN gateway as the remote station, with the name of
the local VPN gateway as the User Name, and set a suitable password. Be
sure to activate the IP routing for this PPP connection and, if required, the
routing of “NetBIOS over IP” as well. The remaining PPP parameters, such
as the procedure for checking the remote station, can be defined in the
same way as for other PPP connections.

The main task in setting up VPN connections is in defining the network
relationships. Which IP address ranges at each end of the VPN tunnel
should be included in the secured connection?

Advertising
Popular Brands
Popular manuals