Configuring a cisco vpn device, Frequently asked vpn questions – Brocade Mobility 7131 Access Point Product Reference Guide (Supporting software release 4.4.0.0 and later) User Manual

Brocade Mobility 7131 Access Point Product Reference Guide

505

53-1002517-01

B

Configuring a Cisco VPN Device

This section includes general instructions for configuring a Cisco PIX Firewall 506 series device.

For the usage scenario described in this section, you will require the following:

•

1 Cisco VPN device

•

1 PC connected to the LAN side of the access point and the Cisco PIX.

NOTE

The Cisco PIX device configuration should match the access point VPN configuration in terms of
Local WAN IP (PIX WAN), Remote WAN Gateway (access point WAN IP), Remote Subnet (access point
LAN Subnet), and the Remote Subnet Mask. The Auto Key Settings and the IKE Settings on the Cisco
PIX should match the access point Key and
IKE settings.

Below is how the access point VPN Status screen should look if the entire configuration is setup
correctly once the VPN tunnel is active. The status field should display "ACTIVE".

Frequently Asked VPN Questions

The following are common questions that arise when configuring a VPN tunnel.

•

Question 1: Does the access point IPSec tunnel support multiple subnets on the other end of a
VPN concentrator?

Yes. The access point can access multiple subnets on the other end of the VPN
Concentrator from the access point's Local LAN Subnet by:

•

Creating multiple VPN Tunnels. The AP supports a maximum of 25 tunnels.

•

When using the Remote Subnet IP Address with an appropriate subnet mask, the AP can
access multiple subnets on the remote end.
For example: If creating a tunnel using 192.168.0.0/16 for the Remote Subnet IP address,
the following subnets could be accessed:

192.168.1.x

192.168.2.x