Configuring a cisco vpn device, Frequently asked vpn questions – Brocade Mobility 7131N-FGR Access Point Product Reference Guide (Supporting software release 4.0.0.0-35GRN and later) User Manual
Page 588
576
Brocade Mobility 7131N-FGR Product Reference Guide
53-1001947-01
Configuring an IPSEC tunnel and VPN FAQs
B
17. Click Apply to make the changes
18. Check the VPN Status screen. Notice the status displays "NOT_ACTIVE". This screen
automatically refreshes to get the current status of the VPN tunnel. Once the tunnel is active,
the IKE_STATE changes from NOT_CONNECTED to SA_MATURE.
19. On access point #2/ Device #2, repeat the same procedure. However, replace access point #2
information with access point #1 information.
20. Once both tunnels are established, ping each side of the tunnel to ensure connectivity.
Configuring a Cisco VPN device
This section includes general instructions for configuring a Cisco PIX Firewall 506 series device.
For the usage scenario described in this section, you will require the following:
•
1 Cisco VPN device
•
1 PC connected to the LAN side of the access point and the Cisco PIX.
NOTE
The Cisco PIX device configuration should match the access point VPN configuration in terms
of Local WAN IP (PIX WAN), Remote WAN Gateway (access point WAN IP), Remote Subnet
(access point LAN Subnet), and the Remote Subnet Mask. The Auto Key Settings and the IKE
Settings on the Cisco PIX should match the access point Key and
IKE settings.
Below is how the access point VPN Status screen should look if the entire configuration is setup
correctly once the VPN tunnel is active. The status field should display "ACTIVE".
Frequently asked VPN questions
The following are common questions that arise when configuring a VPN tunnel.
•
Question 1: Does the access point IPSec tunnel support multiple subnets on the other end of a
VPN concentrator?
Yes. The access point can access multiple subnets on the other end of the VPN Concentrator
from the access point's Local LAN Subnet by: