User guide
360
☛ NOTE:
Typically, no special configuration is necessary to use the IPSec pass through
feature.
In the diagram, VPN PC clients are shown behind the Netopia Gateway and the
secure server is at Corporate Headquarters across the WAN. You cannot have
your secure server behind the Netopia Gateway.
When multiple PCs are starting IPSec sessions, they must be started one at a
time to allow the associations to be created and mapped.
VPN IPSec Tunnel Termination
This Netopia service supports termination of VPN IPsec tunnels at the Gateway. This per-
mits tunnelling from the Gateway without the use of third-party VPN client software on your
client PCs.
Stateful Inspection Firewall
Stateful inspection is a security feature that prevents unsolicited inbound access when
NAT is disabled. You can configure UDP and TCP “no-activity” periods that will also apply to
NAT time-outs if stateful inspection is enabled on the interface.
Technical details are discussed in “Expert Mode” on page 41.
SSL Certificate Support
On selected models, you can also install a Secure Sockets Layer (SSL V3.0) certificate
from a trusted Certification Authority (CA) for authentication purposes. If this feature is
available on your Gateway, an additional link will appear in the Install page.
Netopia Firmware Version 7.6.1 uses SSL certificates for TR-069 support.
See “Install Certificate” on page 201.
VLANs
Netopia's VGx technology allows a single Netopia VGx-enabled broadband gateway to act
as separate virtual gateways, treating each individual service as a single service "chan-
nel." The VGx-enabled gateway applies specific policies, routing, and prioritization parame-
ters to each service channel, ensuring delivery of that service to the appropriate peripheral