Brocade Mobility 7131N-FGR Access Point Product Reference Guide (Supporting software release 4.0.0.0-35GRN and later) User Manual

180

Brocade Mobility 7131N-FGR Product Reference Guide

53-1001947-01

Configuring VPN tunnels

6

NOTE

When creating a tunnel, the remote subnet and remote subnet mask must be that of the target
device’s LAN settings. The remote gateway must be that of the target device’s WAN IP address.

If access point #1 has the following values:

•

WAN IP address: 20.1.1.2

•

LAN IP address: 10.1.1.1

•

Subnet Mask: 255.0.0.0

Then, the VPN values for access point #2 should be:

•

Remote subnet: 10.1.1.0 or 10.0.0.0

•

Remote subnet mask: 255.0.0.0

•

Remote gateway: 20.1.1.2

3. If a VPN tunnel has been added to the list of available Brocade Mobility 7131N-FGR Access

Point tunnels, use the VPN Tunnel Config field to optionally modify the tunnel’s properties.

Remote Gateway

The Remote Gateway column lists a remote gateway IP address for
each tunnel. The numeric remote gateway is the gateway IP
address on the remote network the VPN tunnel connects to.
Ensure the address is the same as the WAN port address of the
target gateway AP or switch.

Key Exchange Type

The Key Exchange Type column lists the key exchange type for
passing keys between both ends of a VPN tunnel. If Manual Key
Exchange is selected, this column displays Manual. If Auto (IKE)
Key Exchange is selected, the field displays Automatic.

Tunnel Name

Enter a name to define the VPN tunnel. The tunnel name is used to
uniquely identify each tunnel. Select a name best suited to that
tunnel’s function so it can be selected again in the future if
required in a similar application.

Interface name

Use the drop-down menu to specify the LAN1, LAN2 or WAN
connection used for routing VPN traffic. Remember, only one LAN
connection can be active on the access point Ethernet port at a
time. The LAN connection specified from the LAN screen to receive
priority for Ethernet port connectivity may be the better subnet to
select for VPN traffic.

Local WAN IP

Enter the WAN’s numerical (non-DNS) IP address in order for the
tunnel to pass traffic to a remote network.

Remote Subnet

Specify the numerical (non-DNS) IP address for the Remote
Subnet.

Remote Subnet Mask

Enter the subnet mask for the tunnel’s remote network for the
tunnel. The remote subnet mask is the subnet setting for the
remote network the tunnel connects to.

Remote Gateway

Enter a numerical (non-DNS) remote gateway IP address for the
tunnel. The remote gateway IP address is the gateway address on
the remote network the VPN tunnel connects to.

Default Gateway

Displays the WAN interface's default gateway IP address.