Routing requirements for vpn connections – Avocent 5240 User Manual
Page 40
28 MergePoint 5224/5240 Service Processor Manager User Guide
An authorized user can enable native IP access in one of the following two ways:
•
If the authorized user is connected to the MergePoint 5224/5240 SP manager’s console, the
user can select the Enable native IP option that appears in the spshell menu for the selected SP.
•
If the authorized user is logged into the Web Manager, the user can choose Enable Native IP
for the desired target device on the Target devices screen.
The VPN connection must remain active for the duration of the native IP session.
CAUTION: To prevent unauthorized users from accessing the native IP features of the target device, when you
are finished, always disable any native IP sessions and then close the VPN connection.
Routing requirements for VPN connections
All routing requirements assume the user’s workstation and the MergePoint 5224/5240 SP manager
can exchange packets.
IPSec VPN routing requirements
If a route is necessary for the MergePoint 5224/5240 SP manager and the user’s workstation to
exchange packets, a route can be specified by setting one or both of the Right and Left nexthop
parameters to the IP address of a host route and selecting Add and route as the boot action. This
should be configured by the MergePoint 5224/5240 SP manager’s administrator and the
configuration should be shared with the user. Once packets can be exchanged between the
MergePoint 5224/5240 SP manager and the user’s workstation, IPSec automatically creates the
routes needed to get packets flowing through an IPSec VPN tunnel, so neither the user nor the
administrator need to create routes to support IPSec VPN tunnels to target devices.
PPTP VPN routing requirements
If a network or host route is needed to enable communications between the user’s workstation and
the MergePoint 5224/5240 SP manager, the user must manually add the route on the user’s
workstation before creating the PPTP VPN tunnel.
In addition, the user must manually create a static route after the PPTP connection is established to
inform the workstation that the target device to be contacted is at the other end of the point-to-point
link. The route must include the PPTP address assigned to the MergePoint 5224/5240 SP manager,
which the user can discover by running the ifconfig or ipconfig command.
The following example shows the PPTP interface IP address output from the ipconfig command on
an Windows NT operating system when PPTP has assigned an IP address of 192.168.2.1.
C:\> ipconfig
...
PPP adapter MergePoint5224/5240_PPTP_VPN
...
IP Address.. . . . . . . . . : 192.168.2.1