Brocade Mobility 7131N-FGR Access Point Product Reference Guide (Supporting software release 4.0.0.0-35GRN and later) User Manual


Brocade Mobility 7131N-FGR Product Reference Guide

53-1001947-01

Configuring an IPSEC tunnel and VPN FAQs


UFQDN - tries to match the user-entered local ID data string to the email address field of
the certificate.

Remote ID type refers to the way you identify an incoming certificate as being associated with
the remote side.

IP - tries to match the remote gateway IP to the IP addresses specified in the received
certificate.

FQDN - tries to match the user-entered remote ID data string to the domain name field of
the received certificate.

UFQDN - tries to match the user-entered remote ID data string to the email address field of
the received certificate.
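
The Remote ID rules above, modelled as a small troubleshooting check (an added example, not code from the access point or from Brocade). The certificate dictionary layout, the sample values and the case-insensitive string comparison are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: identity fields read from a received certificate.
# The dictionary layout is an assumption made for this example.
SAMPLE_CERT = {
    "ip_addresses": ["203.0.113.10"],
    "domain_names": ["vpn-gw2.example.com"],
    "email_addresses": ["admin@example.com"],
}

# Remote ID type -> certificate field that the ID data string is compared with.
STRING_FIELDS = {"FQDN": "domain_names", "UFQDN": "email_addresses"}


def check_remote_id(id_type, cert, gateway_ip=None, id_data=None):
    """Return (matched, reason) for one Remote ID setting and one certificate."""
    id_type = id_type.upper()
    if id_type == "IP":
        # IP compares the remote gateway's address, not an entered string.
        try:
            wanted = ipaddress.ip_address(gateway_ip)
        except ValueError:
            return False, f"gateway IP {gateway_ip!r} is not a valid address"
        found = cert.get("ip_addresses", [])
        if any(_same_ip(wanted, text) for text in found):
            return True, f"gateway IP {wanted} is listed in the certificate"
        return False, f"gateway IP {wanted} not in certificate IPs {found}"
    if id_type in STRING_FIELDS:
        field = STRING_FIELDS[id_type]
        found = cert.get(field, [])
        # Assumption: names and addresses are compared case-insensitively.
        wanted = (id_data or "").strip().casefold()
        if wanted and wanted in (value.casefold() for value in found):
            return True, f"{id_data!r} matches certificate {field}"
        return False, f"{id_data!r} not in certificate {field} {found}"
    return False, f"unknown Remote ID type {id_type!r}"


def _same_ip(wanted, text):
    """Compare parsed addresses so textual variants of one IP still match."""
    try:
        return ipaddress.ip_address(text) == wanted
    except ValueError:
        return False  # skip malformed certificate entries
```

The returned reason lists what the certificate actually contains, which shows the string to enter when a Remote ID setting does not match.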

Question 9: I am using a direct cable connection between my two VPN gateways for testing and
cannot get a tunnel established, yet it works when I set them up across another network or
router. Why?
The packet processing architecture of the access point VPN solution requires a WAN default
gateway in order to work properly. Two gateways connected directly, with both addresses on
the same subnet, would not normally need a default gateway, so none is usually configured.
As a workaround, set the access point's WAN default gateway to the other VPN gateway, and
vice versa.

Question 10: I have set up my tunnel and the status still says 'Not Connected'. What should I do
now?
VPN tunnels are negotiated on an "as-needed" basis. If you have not sent any traffic between
the two subnets, the tunnel will not get established. Once a packet is sent between the two
subnets, the VPN tunnel setup occurs.

Question 11: I still can't get my tunnel to work after attempting to initiate traffic between the
two subnets. What now?
