Netopia r6100 Verweisanleitung
Virtual Private Networks (VPN) 15-23
Note: Ascend does not suppor t DES encr yption for ATMP tunnels.
■
You must specify an 8-byte Key String when DES is selected. When encr yption is None, this field is
invisible.
invisible.
■
You can specify that this router will Initiate Connections, acting as a foreign agent (Yes), or only answer
them, acting as a home agent (No).
them, acting as a home agent (No).
■
Tunnels are normally initiated On Demand; however, you can disable this feature. When disabled, the
tunnel must be manually established through the call management screens.
tunnel must be manually established through the call management screens.
■
You can specify the Idle Timeout, an inactivity timer, whose expiration will terminate the tunnel. A value of
zero disables the timer. Because tunnels are subject to abrupt termination when the underlying datalink is
torn down, use of the Idle Timeout is strongly encouraged.
zero disables the timer. Because tunnels are subject to abrupt termination when the underlying datalink is
torn down, use of the Idle Timeout is strongly encouraged.
An alternate way to force a tunnel to stay up is to define a forced up scheduled connection for the profile.
The method works the same way as creating a forced up scheduled connection for the line backup feature.
See
The method works the same way as creating a forced up scheduled connection for the line backup feature.
See
■
Return to the Connection Profile screen by pressing Escape.
■
Select IP Profile Parameters and press Return. The IP Profile Parameters screen appears.
■
Enter the Remote IP Address and Remote IP Mask for the host to which you want to tunnel.
Note: A peculiarity associated with VPNs is that when a foreign agent has NAT applied to a Connection Profile
set for ATMP data link encapsulation, the home agent and devices behind it, cannot Ping the foreign agent's
tunnel end-point IP address. This is because ICMP packets have no por t association, and thus will be discarded
rather than being processed by NAT.
set for ATMP data link encapsulation, the home agent and devices behind it, cannot Ping the foreign agent's
tunnel end-point IP address. This is because ICMP packets have no por t association, and thus will be discarded
rather than being processed by NAT.
Ordinarily, Ping is an excellent troubleshooting tool, but it will not be effective in this circumstance. Instead, use
another TCP- or UDP-based network ser vice for troubleshooting. Since the Netopia Router is capable of ser ving
Telnet and HTTP, we recommend using these ser vices instead of Ping.
another TCP- or UDP-based network ser vice for troubleshooting. Since the Netopia Router is capable of ser ving
Telnet and HTTP, we recommend using these ser vices instead of Ping.
IP Profile Parameters
Address Translation Enabled: Yes
NAT Map List... Easy-PAT
NAT Server List... Easy-Servers
NAT Server List... Easy-Servers
Local WAN IP Address: 0.0.0.0
Remote IP Address: 173.167.8.10
Remote IP Mask: 255.255.0.0
Remote IP Mask: 255.255.0.0
Filter Set...
Remove Filter Set
Remove Filter Set
Receive RIP: Both
Enter a subnet mask in decimal and dot form (xxx.xxx.xxx.xxx).