System information

Appendix A: Advanced Device Configuration 385

Address Configuration for Connected Devices

A VPN connection must exist before a user can access native IP management

features on a device. The following table lists examples that show how the

VPN connections can be created using IPSec or PPTP. For these examples, the

IP address of the user’s workstation is 12.34.56.78.

IPSec VPN Configuration for Example 2

After the private subnets, device, and user account configuration in “Two

Private Subnets and User Configuration for Example 2” on page 382 is

completed, a VPN connection must be created. This example shows the

configuration steps that must be performed by the OnBoard administrator and

by a user on a remote workstation for enabling two IPSec VPN connections

One connection supports the IPSec VPN tunnel from the user’s workstation to

“sp1” and “sp2.” The second connection supports the IPSec VPN tunnel to

“sp3” and “sp4.”

The OnBoard administrator must also do the following to enable an IPSec

client to access the private subnets where the devices reside:

• Make sure that the IPSec service is enabled on the OnBoard.

• Obtain the IP address of the user’s workstation and use it to create two

named IPSec connections (“connSub1” and “connSub2”) with the

following values specified:

• Left ID: @onboard

• Left IP address: 203.1.2.3 (must be one of the OnBoard’s public IP

addresses)

• Left nexthop: leave blank if the user’s workstation and the OnBoard

are able to exchange packets.

Note: The user can test whether the user’s workstation can access the

OnBoard by entering the OnBoard’s public IP address in a browser to try to

bring up the Web Manager.

Table A-12: Examples for Creating IPSec and PPTP VPN Connections for Example 2

Type of VPN Where Documented

Create an IPSec VPN connection “IPSec VPN Configuration for Example 2” on page 385

Create a PPTP VPN connection “PPTP VPN Configuration for Example 2” on page 388