Network-to-network – Perle Systems IOLAN SCS User Manual

Page 330


Configuring a Virtual Private Network


IOLAN Device Server User’s Guide, Version 3.6

Network-to-Network

The following example shows how to configure a network-to-network IPsec tunnel. This example
uses the X.509 Certificate authentication method, so it includes the configuration requirements for the
X.509 certificate. NAT Traversal (NAT_T) is enabled in this example (on both sides) because the
VPN tunnel runs from a private network across a public network to a private network. Notice also that the serial
devices connected to the IOLAN can be accessed through the VPN tunnel, since they are included in the
network configuration as part of the 172.16.45.0 subnetwork.

1. Configure the IPsec tunnel in the IOLAN:

2. Click the Remote Validation Criteria button and enable and populate the fields that are required
for the remote X.509 certificate validation. If you just want to validate the X.509 certificate
signer, you do not need to enable any of the remote validation criteria fields.
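The difference between signer-only validation and enabled remote validation criteria in step 2 can be modelled as below. This is an added example, not IOLAN firmware logic or Perle code; the field abbreviations, subject strings and function names are constructed for illustration, and the CA signature check is assumed to have been done elsewhere.

```python
# Added illustration: signer-only vs. criteria-based validation of a peer's
# X.509 subject. Not IOLAN code; all names and sample values are constructed.

def parse_subject(dn):
    """Split a simple subject string ("C=US, O=Example, CN=gw") into a dict.

    Simplification: no escaped commas, and a repeated field keeps its last value.
    """
    fields = {}
    for part in dn.split(","):
        key, sep, value = part.strip().partition("=")
        if not sep or not key.strip() or not value.strip():
            raise ValueError(f"malformed subject component: {part!r}")
        fields[key.strip().upper()] = value.strip()
    return fields

def validate_peer(subject_dn, signer_trusted, criteria=None):
    """Return (accepted, reason).

    signer_trusted: outcome of the CA signature check (assumed done elsewhere).
    criteria: only the enabled fields, e.g. {"O": "Example Corp", "CN": "vpn-gw-right"}.
    """
    if not signer_trusted:
        return False, "certificate not signed by a trusted CA"
    if not criteria:
        # No criteria enabled: every certificate issued by the trusted CA passes.
        return True, "signer-only validation"
    subject = parse_subject(subject_dn)
    for field, expected in criteria.items():
        actual = subject.get(field.upper())
        if actual is None:
            return False, f"subject has no {field} field"
        if actual != expected:
            return False, f"{field} mismatch: expected {expected!r}, got {actual!r}"
    return True, "signer and all enabled criteria match"

# Constructed subjects, both imagined as issued by the same trusted CA.
GATEWAY = "C=US, O=Example Corp, OU=Network, CN=vpn-gw-right"
OTHER = "C=US, O=Example Corp, OU=Printing, CN=print-server-01"
CRITERIA = {"O": "Example Corp", "OU": "Network", "CN": "vpn-gw-right"}

if __name__ == "__main__":
    for name, dn in (("gateway", GATEWAY), ("other host", OTHER)):
        print(name, "| signer only:", validate_peer(dn, True))
        print(name, "| with criteria:", validate_peer(dn, True, CRITERIA))
```

With no criteria enabled, the second certificate is accepted as a tunnel peer simply because the same CA issued it; enabling subject fields restricts the peer to the intended gateway certificate.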

[Figure: network-to-network IPsec tunnel diagram with a Left side and a Right side. Labels: Remote VPN Gateway, Router (two), Internet. Addresses shown: 172.16.45.84, 172.16.45.1, 172.16.45.23, 172.16.45.99, 192.168.45.45, 192.168.45.12, 192.168.45.87, 192.168.45.99. External IP Addresses: 196.15.23.56 and 199.15.23.56. Link labels: "IPsec Tunnel--Encrypted Data" and "Unencrypted Data" (two).]
