User`s guide
194
Entity
Instance
Parameter
Values
Equivalent Web Parameter
eroute n toslist
Comma separated
list of Integers
IP packets with ToS values n must
use this tunnel
eroute n locport 0 - 65535
Only tunnel IP packets with source
TCP/UDP port
eroute n remport 0 - 65535
Only tunnel IP packets with
destination TCP/UDP port
eroute n locfirstport 0 - 65535
Only tunnel IP packets with source
TCP/UDP port in the range of n1 to
n2
eroute n loclastport 0 - 65535
Only tunnel IP packets with source
TCP/UDP port in the range of n1 to
n2
eroute n remfirstport 0 - 65535
Only tunnel IP packets with
destination TCP/UDP port in the
range of n1 to n2
eroute n remlastport 0 - 65535
Only tunnel IP packets with
destination TCP/UDP port in the
range of n1 to n2
Setting up IPsec Tunnels for Multiple Users
For small numbers of users it is usual to set up an individual eroute for each user. However,
to ease configuration where large numbers of users are required, the “*” character can be
used as a wildcard to match multiple user IDs. For example, setting the Peer ID parameter
to “Digi*” would match all remote units having an Our ID parameter starting with “Digi”,
e.g. Digi01, Digi02, etc.
Example
To setup multiple users in this way, first set up the Our ID parameter on the host unit to a
suitable name, e.g. “Host1”. Then set the Peer ID parameter to “Remote*” for example. In
addition, an entry would be made in the user table with “Remote*” for the Username and a
suitable Password value, e.g. “mysecret”.
Each of the remote units that required access to the host would then have to be configured
with an Our ID parameter of “Remote01”, “Remote02”, etc. and each would have to have
an entry in their user table for User Host1 along with its password (i.e. the pre-shared key).