Figure 13, Split tunneling example – Nortel Networks NN46110-602 User Manual


Appendix D Configuring for interoperability

Nortel VPN Router Troubleshooting

Figure 13 Split tunneling example

To configure the VPN Router as a user tunnel:

1. Select Profiles > Groups and click Add. Enter a group name of up to 64 characters (spaces are permitted); for example, Research and Development.

2. Click Edit next to the name of the new group, scroll down to the IPsec section, and click Configure.

   The IPsec Edit window appears.

3. Enable Split tunneling if you want your VPN Router to control the networks that the third-party client can access. If you disable split tunneling and enable Allow undefined networks for non-Nortel VPN Clients, the clients can connect to all internal networks. If you select both Split Tunneling and Allow undefined networks for non-Nortel VPN Clients, the VPN Router uses the split tunneling feature and ignores the Allow undefined networks selection.

4. Under Client Selection, select Non-Nortel VPN Clients (LINUX) or Both Nortel and Non-Nortel VPN Clients from the list.

5. Third-party clients can use either preshared key or digital certificate authentication. Click to enable the user name and password to authenticate user identity. If you are using Main mode, the user name is the user’s IP address and the password can be any password.

   Click RSA Digital Signature to enable certificate authentication if your client supports this. You must then select a default server certificate from the list. You configure servers from the System > Certificates window.
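The precedence described in step 3 can be checked across many groups at once. The following is an added example, not part of the Nortel manual: it models the two settings and flags groups whose combination gives third-party clients access to all internal networks. The dictionary format, the group names other than Research and Development, and the /24 networks are constructed assumptions, as is treating the split tunnel networks as the only destinations the client can reach.

```python
import ipaddress

def effective_access(split_tunneling, allow_undefined, split_networks=()):
    """Apply the step 3 precedence; returns (mode, networks)."""
    if split_tunneling:
        # Split tunneling wins; the Allow undefined networks selection is ignored.
        return "split", [ipaddress.ip_network(n) for n in split_networks]
    if allow_undefined:
        # Clients can connect to all internal networks.
        return "all-internal", None
    # Both disabled: the manual page does not describe this case.
    return "not-described", None

def _mode(group):
    return effective_access(group["split_tunneling"], group["allow_undefined"],
                            group.get("split_networks", ()))

def reachable(group, destination):
    """True or False where the page's rules decide it, None where they do not."""
    mode, nets = _mode(group)
    if mode == "all-internal":
        return True
    if mode == "split":
        addr = ipaddress.ip_address(destination)
        return any(addr in net for net in nets)
    return None

def audit(groups):
    """List (group, finding) pairs worth a reviewer's attention."""
    findings = []
    for name, group in sorted(groups.items()):
        mode, _ = _mode(group)
        if mode == "all-internal":
            findings.append((name, "clients can connect to all internal networks"))
        elif mode == "split" and group["allow_undefined"]:
            findings.append((name, "Allow undefined networks is selected but ignored"))
    return findings

# Constructed sample settings (hypothetical export format).
GROUPS = {
    "Research and Development": {"split_tunneling": True, "allow_undefined": True,
                                 "split_networks": ["10.2.3.0/24"]},
    "Contractors": {"split_tunneling": False, "allow_undefined": True},
    "Finance": {"split_tunneling": True, "allow_undefined": False,
                "split_networks": ["10.10.0.0/24"]},
}

if __name__ == "__main__":
    for name, finding in audit(GROUPS):
        print(f"{name}: {finding}")
```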

[Figure 13 diagram labels: VPN Router, Public Data Network, Remote User, Mail Server, Archive, Printer. Addresses shown: 10.2.3.4, 10.10.0.5, 10.10.0.1, 10.2.3.3, 10.2.3.2, 192.168.43.6, 192.19.2.31, 192.19.2.32, 192.19.2.33.]
