Local / access, Local / protocol, Local / port – Compatible Systems 5.4 User Manual

Page 111: Peer / access, Peer / protocol


Chapter 6 - VPN Ports and LAN-to-LAN Tunnels

105

Local / Access

This is used to specify a local host or subnet which will be reachable via the
tunnel. It is entered as an IP address followed by a slash followed by the
number of significant bits in the entered IP address (e.g., 192.168.41.9/32). To
allow access to only a single host, specify 32 in the bits portion.

Local / Protocol

This pull-down menu is used to specify an IP protocol which will be accepted by
this end of the tunnel. The default of 0 will allow all protocols. Accepted
IP Protocol numbers are:

• 1 - ICMP (Internet Control Message Protocol)

• 6 - TCP (Transmission Control Protocol)

• 17 - UDP (User Datagram Protocol)

• 47 - GRE (Generic Routing Encapsulation)

• 50 - ESP (Encapsulating Security Protocol)

• 51 - AH (Authentication Header)

• 89 - OSPF (Open Shortest Path First)

Local / Port

This is used to specify a local port number which will be reachable via the
tunnel. The default of 0 will allow all ports.

Note: Refer to the IP Filter Name section in the Text Based Configuration
and Command Line Management Reference Guide for more information
on commonly used ports and their numbers.
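
How the three Local fields narrow what a tunnel exposes can be sketched in code. This is an added example, not code from the manual or the device: the `LocalSelector` class and its method names are hypothetical, and it assumes that all three fields must match and that a port restriction applies only to TCP/UDP traffic.

```python
import ipaddress
from dataclasses import dataclass

PORT_PROTOCOLS = {6, 17}  # TCP and UDP are the listed protocols that carry ports


@dataclass(frozen=True)
class LocalSelector:
    """Hypothetical model of one Local / Access, Protocol, Port entry."""
    access: str        # Local / Access, address/bits
    protocol: int = 0  # Local / Protocol, 0 = all protocols (the default)
    port: int = 0      # Local / Port, 0 = all ports (the default)

    def _net(self):
        # strict=False: only the significant bits of the entered address count
        return ipaddress.ip_network(self.access, strict=False)

    def permits(self, dst_ip, protocol, dst_port=0):
        """True if a tunneled packet for dst_ip matches all three fields."""
        if ipaddress.ip_address(dst_ip) not in self._net():
            return False
        if self.protocol != 0 and protocol != self.protocol:
            return False
        if self.port != 0:
            # Assumption: a port restriction can only match TCP/UDP packets.
            return protocol in PORT_PROTOCOLS and dst_port == self.port
        return True

    def wildcards(self):
        """Fields left permissive, for a least-privilege review of a config."""
        found = []
        net = self._net()
        if net.prefixlen < net.max_prefixlen:
            found.append(f"access covers {net.num_addresses} addresses")
        if self.protocol == 0:
            found.append("protocol 0 (all protocols)")
        if self.port == 0:
            found.append("port 0 (all ports)")
        return found


# Constructed sample entries for illustration.
HOST_HTTPS = LocalSelector("192.168.41.9/32", protocol=6, port=443)
WIDE_OPEN = LocalSelector("192.168.41.0/24")  # protocol and port left at 0

if __name__ == "__main__":
    for sel in (HOST_HTTPS, WIDE_OPEN):
        print(sel.access, "->", sel.wildcards() or "fully restricted")
```

An entry that keeps the defaults exposes every protocol and port on every host in the subnet to the tunnel partner, which is what `wildcards()` surfaces when reviewing a configuration.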

Peer / Access

This is used to specify a host or subnet behind the remote tunnel partner
which will be reachable via the tunnel. It is entered as an IP address followed
by a slash followed by the number of significant bits in the entered IP address
(e.g., 192.168.41.9/32). To tunnel to only a single host, specify 32 in the bits
portion.

Peer / Protocol

This pull-down menu is used to specify an IP protocol which will be tunneled. If a
protocol number is specified, then only traffic of that protocol type will be tunneled.
The default of 0 will allow all protocols.

Accepted IP Protocol numbers are:

• 1 - ICMP (Internet Control Message Protocol)

• 6 - TCP (Transmission Control Protocol)

• 17 - UDP (User Datagram Protocol)

• 47 - GRE (Generic Routing Encapsulation)
