5 prepare vpn network relationships – Lancom Systems LCOS 3.50 User Manual

Page 311


Chapter 14: Virtual Private Networks—VPN

LANCOM Reference Manual LCOS 3.50


14.5.5 Prepare VPN network relationships

The firewall integrated into LANCOM routers is a powerful instrument for
defining source and target address ranges between which data transfer (and
limitations to it) can be enabled or prohibited. These functions are also used
for setting up the network relationships for the VPN rules.

In the simplest case, the firewall can generate the VPN rules automatically.

- The local intranet serves as the source network, i.e. the same private IP
  address range that the local VPN gateway itself belongs to.
- For automatically generated VPN rules, the target networks are those
  network ranges that have a remote VPN gateway set as their router.

To activate the automated rule generation, simply switch on the
corresponding option in the firewall (1). When coupling two simple local
networks, the automatic VPN can interpret the necessary network
relationships from the IP address range in its own LAN and from the entry for
the remote LAN in the IP routing table.
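The derivation described above can be modelled in a few lines. This is an added example, not LCOS code: the function names, the `INTERNET` default route and the two checks (overlap warning, mirror comparison between both gateways) are assumptions made for illustration, while the addresses come from this page's figure.

```python
import ipaddress

def to_network(addr, mask):
    """Convert the manual's 'IP network / Net mask' notation to a network object."""
    return ipaddress.ip_network(f"{addr}/{mask}", strict=True)

def derive_vpn_rules(intranet, routing_table, vpn_gateways):
    """Model of the automatic derivation (hypothetical helper, not LCOS itself).

    intranet:      local LAN (the source network)
    routing_table: list of (destination_cidr, router_name)
    vpn_gateways:  names of routers that are remote VPN gateways
    Returns (rules, warnings); each rule is (source, target, gateway).
    """
    rules, warnings = [], []
    for dest, router in routing_table:
        if router not in vpn_gateways:
            continue  # routes via non-VPN routers produce no VPN rule
        target = ipaddress.ip_network(dest)
        if target.overlaps(intranet):
            # Added check: an overlapping target makes the relationship ambiguous.
            warnings.append(f"{target} overlaps local intranet {intranet}")
            continue
        rules.append((intranet, target, router))
    return rules, warnings

def mirrored(rules_a, rules_b):
    """Added check: every relationship on side A exists reversed on side B."""
    a = {(s, t) for s, t, _ in rules_a}
    b = {(t, s) for s, t, _ in rules_b}
    return a == b

# Networks and VPN routes from the figure; the INTERNET default route is constructed.
LAN1 = to_network("10.1.0.0", "255.255.0.0")
LAN2 = to_network("10.2.0.0", "255.255.0.0")
GW1_ROUTES = [("10.2.0.0/16", "VPN-GW-2"), ("0.0.0.0/0", "INTERNET")]
GW2_ROUTES = [("10.1.0.0/16", "VPN-GW-1"), ("0.0.0.0/0", "INTERNET")]

def demo():
    r1, w1 = derive_vpn_rules(LAN1, GW1_ROUTES, {"VPN-GW-2"})
    r2, w2 = derive_vpn_rules(LAN2, GW2_ROUTES, {"VPN-GW-1"})
    return r1, r2, w1 + w2, mirrored(r1, r2)

if __name__ == "__main__":
    r1, r2, warns, ok = demo()
    for s, t, gw in r1 + r2:
        print(f"{s} -> {t} via {gw}")
    print("mirrored:", ok, "warnings:", warns)
```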

The description of the network relationships is more complicated if the source
and target networks are not only represented by the intranet address ranges
of the connected LANs:

1. Automatic when using the VPN installation Wizard under LANconfig

[Figure: two local networks coupled via VPN gateways]

VPN-GW 1: 80.146.81.251
  IP network: 10.1.0.0
  Net mask: 255.255.0.0
  IP routing table: 10.2.0.0/16 > VPN-GW-2

VPN-GW 2: 217.213.77.120
  IP network: 10.2.0.0
  Net mask: 255.255.0.0
  IP routing table: 10.1.0.0/16 > VPN-GW-1
