User Manual Part 3
Table Of Contents
- Introduction
- 1.1 New Features
- 1.2 Feature Overview
- 1.2.1 Single or Dual Mode Radio Options
- 1.2.2 Separate LAN and WAN Ports
- 1.2.3 Multiple Mounting Options
- 1.2.4 Antenna Support for 2.4 GHz and 5.2 GHz Radios
- 1.2.5 Sixteen Configurable WLANs
- 1.2.6 Support for 4 BSSIDs per Radio
- 1.2.7 Quality of Service (QoS) Support
- 1.2.8 Industry Leading Data Security
- 1.2.9 VLAN Support
- 1.2.10 Multiple Management Accessibility Options
- 1.2.11 Updatable Firmware
- 1.2.12 Programmable SNMP v1/v2/v3 Trap Support
- 1.2.13 Power-over-Ethernet Support
- 1.2.14 MU-MU Transmission Disallow
- 1.2.15 Voice Prioritization
- 1.2.16 Support for CAM and PSP MUs
- 1.2.17 Statistical Displays
- 1.2.18 Transmit Power Control
- 1.2.19 Advanced Event Logging Capability
- 1.2.20 Configuration File Import/Export Functionality
- 1.2.21 Default Configuration Restoration
- 1.2.22 DHCP Support
- 1.2.23 Multi-Function LEDs
- 1.3 Theory of Operations
- Hardware Installation
- Getting Started
- System Configuration
- Network Management
- Configuring Access Point Security
- 6.1 Configuring Security Options
- 6.2 Setting Passwords
- 6.3 Enabling Authentication and Encryption Schemes
- 6.4 Configuring Kerberos Authentication
- 6.5 Configuring 802.1x EAP Authentication
- 6.6 Configuring WEP Encryption
- 6.7 Configuring KeyGuard Encryption
- 6.8 Configuring WPA Using TKIP
- 6.9 Configuring WPA2-CCMP (802.11i)
- 6.10 Configuring Firewall Settings
- 6.11 Configuring VPN Tunnels
- 6.12 Configuring Content Filtering Settings
- 6.13 Configuring Rogue AP Detection
- 6.14 Configuring User Authentication
- Monitoring Statistics
- Command Line Interface Reference
- Configuring Mesh Networking
- Technical Specifications
- Usage Scenarios
- Customer Support
- Index
Usage Scenarios
B-17
• Question 11: I still can't get my tunnel to work after attempting to initiate traffic
between the two subnets. What now?
Try the following troubleshooting tips:
• Verify you can ping each of the remote Gateway IP addresses from clients on either side.
Failed pings can indicate general network connection problems.
• Pinging the internal gateway address of the remote subnet should run the ping through
the tunnel as well. Allowing you to test, even if there are no clients on the remote end.
• Question 12: My tunnel works fine when I use the LAN-WAN Access page to
configure my firewall. Now that I use Advanced LAN Access, my VPN stops
working. What am I doing wrong?
VPN requires certain packets to be passed through the firewall. Subnet Access
automatically inserts these rules for you when you do VPN. Advanced Subnet Access
requires these rules to be in effect for each tunnel.
• An 'allow' inbound rule.
• An 'allow' outbound rule.
• For IKE, an 'allow' inbound rule.
Scr <Remote Subnet IP range>
Dst <Local Subnet IP range>
Transport ANY
Scr port 1:65535
Dst port 1:65535
Rev NAT None
Scr <Local Subnet IP range>
Dst <Remote Subnet IP range>
Transport ANY
Scr port 1:65535
Dst port 1:65535
NAT None