Section 35.3.19, Section 35.3.20 – Westermo RedFox Series User Manual
Page 830
Westermo OS Management Guide
Version 4.17.0-0
35.3.19
Configure Local Subnet
Syntax [no] local-subnet <SUBNET/LEN | SUBNET NETMASK>
Context
context
Usage Set the local subnet of this tunnel.
Only traffic from this IP range is allowed to enter the tunnel through this
gateway, and traffic arriving through the tunnel is only accepted when des-
tined to an address in this range.
If ”no local-subnet” is specified, only traffic to/from the IP address of the
outbound interface will be allowed through the tunnel.
Use ”show local-subnet” to show the configured local subnet for this tun-
nel. ”None” is shown if no local subnet has been configured.
Default values None (”no local-subnet”)
35.3.20
Configure Remote Subnet
Syntax [no] remote-subnet <SUBNET/LEN | SUBNET NETMASK> [shared]
Context
context
Usage Set the remote subnet of this tunnel.
Only traffic from this IP range is allowed to enter the tunnel through this
gateway, and traffic arriving through the tunnel is only accepted when des-
tined to an address in this range.
In case the remote peer is a PC (see
), specify the PC’s VPN client IP
address with a ”/32” prefix length, e.g., ”192.168.12.49/32”.
If ”no remote-subnet” is specified, only traffic to/from the IP address of the
Peer will be allowed through the tunnel.
On a responder, you can specify that the remote subnet configured is shared
by multiple initiators by setting the ”shared” keyword (default disabled).
The local subnet of each initiator must be within the range specified by the
responder’s remote subnet. Without the ”shared” keyword, there can only
be one initiator for this tunnel configuration, and its local subnet must match
the responder’s remote subnet.
830
➞ 2015 Westermo Teleindustri AB