Product specifications
Efficient Networks
®
Router family
Command Line Interface Guide
Chapter 6: Connection Management
Efficient Networks
®
Page 6-61
VPN with IP Filtering and MS Networking
When setting up Secure VPN and Firewall functions, the configuration of routers is
not complete until each user can log onto the corporate domain controller for access
to all resources on the LAN. UDP relay and WINS server commands will allow MS
networking to function through a VPN tunnel. The following items must be configured:
1. Domain controller must be configured for networking using IP.
2. Client workstations must be configured for networking using IP.
3. A router must have UDP relay configured.
4. A router must be configured to serve the primary and secondary WINS
server IP addresses.
5. A firewall must accept packets to and from the IP address of the far end.
For instructions on items 1 and 2, consult a Windows manual. A script for items 3, 4,
and 5 appears below.
system addudprelay <server IP address> <first port> <last port>
e.g. system addudprelay 192.168.254.50 137 139
dhcp set valueoption 44 <prim winsserv ip address> <secondary>
e.g. dhcp set valueoption 44 192.168.254.50 192.168.254.60
remote ipfilter insert input accept -sa < IP address of far
end> <remote name>
remote ipfilter insert output accept -da < IP address of far
end> <remote name>
remote ipfilter insert input accept -sa 200.x.x.x internet
remote ipfilter insert output accept -da 200.x.x.x internet