Specifications

ManualsBrandsExtreme Networks ManualsComputer equipmentAltitude 4700 Series

221

222

223

224

225

226

227

228

229

230

Altitude 4700 Series Access Point Product Reference Guide

227

NOTE

When creating a tunnel, the remote subnet and remote subnet mask must be that of the target device’s

LAN settings. The remote gateway must be that of the target device’s WAN IP address.

If Access Point #1 has the following values:

● WAN IP address: 20.1.1.2

● LAN IP address: 10.1.1.1

● Subnet Mask: 255.0.0.0

Then, the VPN values for Access Point #2 should be:

● Remote subnet: 10.1.1.0 or 10.0.0.0

● Remote subnet mask: 255.0.0.0

● Remote gateway: 20.1.1.2

3 If a VPN tunnel has been added to the list of available access point tunnels, use the VPN Tunnel

Config field to optionally modify the tunnel’s properties.

Del Click Del to delete a highlighted VPN tunnel. There is no

confirmation before deleting the tunnel.

Tunnel Name The Tunnel Name column lists the name of each VPN

tunnel on the

access point.

Remote Subnet The Remote Subnet column lists the remote subnet for

each tunnel. The remote subnet is the subnet the remote

network uses for connection.

Remote Gateway The Remote Gateway column lists a remote gateway IP

address for each tunnel. The numeric remote gateway is

the gateway IP address on the remote network the VPN

tunnel connects to. Ensure the address is the same as the

WAN port address of the target gateway AP or controller.

Key Exchange

Type

The Key Exchange Type column lists the key exchange

type for passing keys between both ends of a VPN tunnel.

If Manual Key Exchange is selected, this column displays

Manual. If Auto (IKE) Key Exchange is selected, the field

displays Automatic.

Tunnel Name Enter a name to define the VPN tunnel. The tunnel name

is used to uniquely identify each tunnel. Select a name

best suited to that tunnel’s function so it can be selected

again in the future if required in a similar application.

Interface name Use the drop-down menu to specify the LAN1, LAN2 or

WAN connection used for routing VPN traffic. Remember,

only one LAN connection can be active on the Access

Point Ethernet port at a time. The LAN connection

specified from the LAN screen to receive priority for

Ethernet port connectivity may be the better subnet to

select for VPN traffic.

Local WAN IP Enter the WAN’s numerical (non-DNS) IP address in order

for the tunnel to pass traffic to a remote network.

Remote Subnet Specify the numerical (non-DNS) IP address for the

Remote Subnet.

Remote Subnet

Mask

Enter the subnet mask for the tunnel’s remote network for

the tunnel. The remote subnet mask is the subnet setting

for the remote network the tunnel connects to.