Chapter 4 – configuration examples, Example 1 – lan-to-lan vpn (branch office) – Multi-Tech Systems RF660 User Manual

Chapter 4 – Configuration Examples

Multi-Tech Systems, Inc. RouteFinderVPN RF760/660/600VPN User Guide (PN S000323D)

31

Chapter 4 – Configuration Examples

Example 1 – LAN-to-LAN VPN (Branch Office)

The setup for a LAN-to-LAN VPN (branch office) requires two RF660VPNs - one in the home office and one in the remote
branch office. It requires additional parameters beyond the Wizard Setup to be entered; these are listed in the table below.
For the RouteFinder VPN in remote branch office follow the same procedures as the home office procedures; just use
different IP addresses. The addresses and parameters in this example are used throughout this section as a point of
reference for you.
For details about this and other setups, see the RouteFinder Setup Examples Reference Guide, which is available on the
RouteFinder CD and on the Multi-Tech Systems, Inc. Web site at

http://www.multitech.com

Site A - Static IP Addresses (Input these parameters

using the RF660VPN in the home office).

1. Domain name = site-A.com
2. Public Class C = 204.26.122.x

3. Networks & Services > Networks
LAN: 192.168.2.0 – 255.255.255.0
RemoteLAN: 192.168.10.0 – 255.255.255.0
RemoteWAN_IP: 204.26.122.3 – 255.255.255.255
4. Network Setup > Interface
Default gateway = 204.26.122.1
Host name = RF660VPN.site-A.com
Eth0 = LAN, 192,168.2.1, 255.255.255.0
Eth1 = WAN, 204.26.122.103, 255.255.255.0

Eth2 = DMZ (don’t care)

5. Packet Filters > Packet Filter Rules
LAN – Any – Any – Accept

RemoteLAN – Any – Any – Accept
6. VPN > IPSec
Check and Save VPN Status
Add an IKE connection:

Connection name = SiteA
Check Perfect Forward Secrecy
Authentication Method = Secret
Enter secret key (must be same on both sides)
Select Encryption = 3DES
Local WAN IP = WAN
Local LAN = LAN
Remote Gateway IP = RemoteWAN_IP
Remote LAN = RemoteLAN
Disable UID

Site B - StaticIP Addresses (Input these parameters

using the RF660VPN in the branch office).

1. Domain name = site-B.com
2. Public Class C = 204.26.122.x

3. Networks & Services > Networks
LAN: 192.168.10.0 – 255.255.255.0
RemoteLAN: 192.168.2.0 – 255.255.255.0

RemoteWAN_IP: 204.26.122.103 – 255.255.255.255

4. Network Setup > Interface
Default gateway = 204.26.122.1
Host name = RF660VPN.site-B.com
Eth0 = LAN, 192.168.10.1, 255.255.255.0
Eth1 = WAN, 204.26.122.3, 255.255.255.0

Eth2 = DMZ (don’t care)

5. Packet Filters > Packet Filter Rules
LAN – Any – Any – Accept
RemoteLAN – Any – Any – Accept

Site B - Static IP Addresses (continued)
6. VPN > IPSec

Check and Save VPN Status
Add an IKE connection:

Connection name = SiteB
Check Perfect Forward Secrecy
Authentication Method = Secret
Enter secret key (must be the same on both sides)
Select Encryption = 3DES
Local WAN IP = WAN
Local LAN = LAN
Remote Gateway IP = RemoteWAN_IP

Remote LAN = RemoteLAN

Disable UID