Server User Manual
Table Of Contents
- SDS/SCS/STS/MDC User’s Guide
- Table of Contents
- Preface
- Introduction
- Hardware and Connectivity
- Configuration Methods
- Getting Started
- Using DeviceManager and WebManager
- Network Settings
- Configuring Serial Ports
- Introduction
- Serial Ports
- Serial Port Profiles
- Common Tabs
- Console Management Profile
- TruePort Profile
- TCP Sockets Profile
- UDP Sockets Profile
- Terminal Profile
- User Service Settings
- Printer Profile
- Serial Tunneling Profile
- Virtual Modem Profile
- Control Signal I/O Profile
- Modbus Gateway Profile
- Power Management Profile
- Remote Access (PPP) Profile
- Remote Access (SLIP) Profile
- Custom Application Profile
- Port Buffering
- Advanced
- Configuring Users
- Configuring Security
- Configuring I/O Interfaces
- Configuring Clustering
- Configuring the Option Card
- Configuring the System
- Controlling the RPS, I/O Channels, and IPsec Tunnels
- System Administration
- Introduction
- Managing Configuration Files
- Downloading IOLAN Firmware
- Calibrating I/O
- Setting the IOLAN’s Date and Time
- Rebooting the IOLAN
- Resetting the IOLAN to Factory Defaults
- Resetting the SecurID Node Secret
- Language Support
- Downloading Terminal Definitions
- Resetting Configuration Parameters
- Lost Admin Password
- Applications
- RADIUS and TACACS+
- SSL/TLS Ciphers
- Virtual Modem AT Commands
- Pinouts and Cabling Diagrams
- Setting Jumpers
- I/O Wiring Diagrams
- Utilities
- Accessories
- Troubleshooting
- Introduction
- Hardware Troubleshooting
- Communication Issues
- DeviceManager Problems
- Host Problems
- RADIUS Authentication Problems
- Login Problems
- Problems with Terminals
- Unknown IP Address
- DHCP/BOOTP Problems
- Callback Problems
- Language Problems
- Modem Problems
- PPP Problems
- Printing Problems
- Long Reboot Cycle
- SSL/TLS
- I/O Models
- IPv6 Issues
- Contacting Technical Support
- Glossary
- Index
343
Configuring a Virtual Private Network
3. If the signer of the remote X.509 certificate has not already been included in the CA list file that
has already been downloaded to the IOLAN, you need to add (append) the signer of the X.509
certificate to the CA list file and then download the file to the IOLAN by selecting
Tools,
Advanced, Keys and Certificates. In the Keys and Certificates window, select Download
SSL/TLS CA
and the file name and click OK. Note that this file must be a concatenation of all
certificate signers required for any SSL/TLS, LDAP, SSH, and/or IPsec connections.
4. Enable the IPsec service found in Security, Services.
Host-to-Host
The following example shows how to configure two IOLANs to work as VPN gateways for a host-to-
host IPsec tunnel.
NAT Traversal (NAT_T) is enabled in this example (on both sides) because the
VPN tunnel is going private network to public network to private network. In this example, both of
the IOLAN VPN gateways have a DHCP assigned IP address.
IOLAN VPN
Gateway
DHCP assigned IP
172.16.45.23
DHCP assigned IP
192.168.45.87
External IP Address
196.15.23.56
IOLAN VPN
Gateway
External IP Address
199.24.23.88
Left
Right
IPsec Tunnel--Encrypted Data
Unencrypted
Data
Internet
172.16.45.99
192.168.45.99
Router
Router
Unencrypted
Data
1. The following window configures the Left IOLAN VPN Gateway:
%defaultroute is entered for the Local IP Address because the IP address is DHCP assigned
and is therefore subject to change.