Manualshelf

Owner manual

ManualsBrandsNetopia ManualsHardware3300
181182183184185186187188189190
Internet Key Exchange (IKE) IPsec Key Management for VPNs 6-17
This feature allows you to define many local and remote network ranges for a given IPsec VPN profile. Each of
these ranges has its own IPsec tunnel. However, each tunnel has a common tunneling endpoint and encryption
policy. This is useful, for example, for branch office management of multiple IP subnets over an encrypted VPN
tunnel. The following diagram illustrates this feature:
Advantages of Multiple Network IPsec are:
scalability
flexibility, by adding any combination of remote/local network ranges
support for sub-netting, host and network range addressing modes
works with manual keying and Internet Key Exchange (IKE), including Xauth IKE extension (see
page 6-6).
each IPsec network works under the same local/remote tunnel endpoints
Select Add Network and press Return. The Add Network Configuration screen appears.
The Remote Member Format and Local Member Format pop-up menus allow you to choose a format for
your network end points: Subnet, Range, or a single Host Address.
Add Network Configuration
+--------------+
+--------------+
Remote Member Format... | Subnet |
Remote Member Address: | Range |
Remote Member Mask: | Host Address |
Local Member Format... +--------------+
Local Member Address: 0.0.0.0
Local Member Mask: 0.0.0.0
COMMIT CANCEL