RuggedCom RX1100 用户手册
RuggedRouter
User Guide
You must configure the firewall to accept connections on these ports and protocols.
See the Configuring The Firewall chapter, Configuring The Firewall And VPN
section for details.
See the Configuring The Firewall chapter, Configuring The Firewall And VPN
section for details.
The Openswan Configuration Process
Each VPN connection has two ends, in the local router and the remote router. The
Openswan developers designed the configuration in such a way that the configuration
record describing a VPN connection can be used without change at either end. One
side of the connection (typically the local side) is designated the “left” side and the
other is designated the “right” side.
A convenient method is to configure both ends simultaneously, having two browser
windows up. The relevant information is cut and pasted from window to window.
This module also includes tools to export and import the connection data. The
configuration can thus be generated at one router, exported, and imported at the
remote router.
Openswan developers designed the configuration in such a way that the configuration
record describing a VPN connection can be used without change at either end. One
side of the connection (typically the local side) is designated the “left” side and the
other is designated the “right” side.
A convenient method is to configure both ends simultaneously, having two browser
windows up. The relevant information is cut and pasted from window to window.
This module also includes tools to export and import the connection data. The
configuration can thus be generated at one router, exported, and imported at the
remote router.
IPsec and Router Interfaces
The IPsec daemon requires router interfaces to exist before it starts. If none of the
interfaces needed by IPsec exist, IPsec will check for them every minute until at least
one does.
Note that in the unlikely event that IPsec uses multiple network interfaces, a stop of
any of those interfaces will cause all tunnels to stop.
IPsec may have to be manually restarted after configuring network interfaces when
multiple tunnels exist.
interfaces needed by IPsec exist, IPsec will check for them every minute until at least
one does.
Note that in the unlikely event that IPsec uses multiple network interfaces, a stop of
any of those interfaces will cause all tunnels to stop.
IPsec may have to be manually restarted after configuring network interfaces when
multiple tunnels exist.
VPN Main Menu Before Key Generation
Figure 104: IPsec VPN Configuration Menu Before Key Generation
Upon the first entry to this menu you will prompted to generate a VPN host key. Key
generation will require about 30 seconds to complete after which the menu
appearance will change.
generation will require about 30 seconds to complete after which the menu
appearance will change.
VPN Main Menu
The new menu appearance will resemble that of the following menu with the
exception that you will be warned that VPN networking is not enabled. Enable VPN
networking via the System folder, Bootup And Shutdown menu.
exception that you will be warned that VPN networking is not enabled. Enable VPN
networking via the System folder, Bootup And Shutdown menu.
Figure 105: IPsec VPN Configuration Menu Before After Generation
126 RuggedCom