Specifications

ManualsBrandsExtreme Networks ManualsComputer equipmentAltitude 3500 Series

191

192

193

194

195

196

197

198

199

200

Configuring Access Point Security

Altitude 3500 Series Access Point Product Reference Guide

196

NOTE

When creating a tunnel, the remote subnet and remote subnet mask must be that of the target device’s

LAN settings. The remote gateway must be that of the target device’s WAN IP address.

If access point #1 has the following values:

● WAN IP address: 20.1.1.2

● LAN IP address: 10.1.1.1

● Subnet Mask: 255.0.0.0

Then, the VPN values for access point #2 should be:

● Remote subnet: 10.1.1.0 or 10.0.0.0

● Remote subnet mask: 255.0.0.0

● Remote gateway: 20.1.1.2

3 If a VPN tunnel has been added to the list of available Altitude 35xx tunnels, use the VPN Tunnel

Config field to optionally modify the tunnel’s properties.

Remote Gateway The Remote Gateway column lists a remote gateway IP

address for each tunnel. The numeric remote gateway is

the gateway IP address on the remote network the VPN

tunnel connects to. Ensure the address is the same as the

WAN port address of the target gateway AP or controller.

Key Exchange

Type

The Key Exchange Type column lists the key exchange

type for passing keys between both ends of a VPN tunnel.

If Manual Key Exchange is selected, this column displays

Manual. If Auto (IKE) Key Exchange is selected, the field

displays Automatic.

Tunnel Name Enter a name to define the VPN tunnel. The tunnel name

is used to uniquely identify each tunnel. Select a name

best suited to that tunnel’s function so it can be selected

again in the future if required in a similar application.

Interface name Use the drop-down menu to specify the LAN1, LAN2 or

WAN connection used for routing VPN traffic. Remember,

only one LAN connection can be active on the access

point Ethernet port at a time. The LAN connection

specified from the LAN screen to receive priority for

Ethernet port connectivity may be the better subnet to

select for VPN traffic.

Local WAN IP Enter the WAN’s numerical (non-DNS) IP address in order

for the tunnel to pass traffic to a remote network.

Remote Subnet Specify the numerical (non-DNS) IP address for the

Remote Subnet.

Remote Subnet

Mask

Enter the subnet mask for the tunnel’s remote network for

the tunnel. The remote subnet mask is the subnet setting

for the remote network the tunnel connects to.

Remote Gateway Enter a numerical (non-DNS) remote gateway IP address

for the tunnel. The remote gateway IP address is the

gateway address on the remote network the VPN tunnel

connects to.

Default Gateway Displays the WAN interface's default gateway IP address.