C613-16004-00 REV D

www.alliedtelesis.com

AlliedWare

TM

OS

How To |

Introduction

This document describes how to provide secure remote access through IP security (IPSec)
Virtual Private Networks (VPN).

This VPN solution is suitable for any business deployment and provides your office with
secure internet access and firewall protection, plus remote encrypted VPN access for staff
who work from home.

You should use the companion Note How To Create A VPN Between An Allied Telesis Router And
A Microsoft Windows 2000 Client, Over NAT-T instead, if:

z

the Allied Telesis router is connected to the Internet through a NAT gateway device, such
as an ADSL modem, and/or

z

you want to let travelling staff connect to your office from such places as hotel rooms.

This companion How To Note is available from

www.alliedtelesis.com/resources/literature/

howto.aspx

.

Consider the following typical scenario:

You are the manager of a small business and you have purchased an AR415S for your small
office premises. You have five PCs networked together with a server in your office. You
intend to use your AR415S as your Internet gateway and for it to provide firewall protection.

You also have people who sometimes work from home. You would like these staff members
to have secure (encrypted) remote access through the Internet to the servers in your office,
to allow them to access files, the private Intranet, and business email.

Each staff member has a laptop or PC with Windows 2000 installed.

1. Internet Explorer and Windows are registered trademarks of Microsoft Corporation in the United States and other countries.

Create a VPN between an Allied Telesis Router
and a Microsoft Windows 2000

1

Client, Without

Using NAT-T