Manually setting up VPN connections

Manually setting up VPN connections involves the tasks described previously:

• Definition of the tunnel endpoints
• Definition of the security-related parameters (IKE and IPSec)
• Definition of the VPN network relationships, i.e. the IP address ranges to be connected. Should the IP ranges overlap at both ends of the connection, please refer to the section.
• When connectivity Windows networks (NetBIOS/IP): Without WINS servers at both ends of the VPN connection (such as when linking a home office), the device can take over the necessary NetBIOS proxy functions. To this end, the NetBIOS module in the device must be activated, and the corresponding VPN remote site must be entered into the NetBIOS module as the remote site. Should WINS servers be present in both of the coupled networks, then the NetBIOS module should be deactivated so that the device does not perform NetBIOS proxy functions.
  Note: To use the NetBIOS proxy in the device, either LANCOM Dynamic VPN must be used, because it transmits the required addresses, or the IP address of the remote site must be entered as a primary NBNS in the IP parameter list (LANconfig: Communication > Protocols).
• When using LANCOM Dynamic VPN: Entry for the corresponding remote site in the PPP list with a suitable password for the Dynamic VPN handshake. The username entered here must correspond with the name entered in the remote device that describes the VPN connection to this local device. Activate "IP routing". If Windows networks are also to be coupled, then the NetBIOS entry should be activated here.

The tunnel endpoints, i.e. the local VPN gateway and each of the VPN remote sites, are entered into the VPN connection list.

Manually configuring the VPN connection involves the following steps:

1. Create an entry for the remote VPN gateway in the connection list and enter its public IP address.
2. The security parameters for the VPN connection are normally taken from the prepared list, and all that is required here is to define an IKE key.
3. For a Dynamic VPN connection, create a new entry in the PPP list with the name of the remote VPN gateway as the remote site, with the name of the local VPN gateway as the User Name, and set a suitable password. Be sure to activate the IP routing for this PPP connection and, if required, the routing of "NetBIOS over IP" as well. The remaining PPP parameters, such as the procedure for checking the remote site, can be defined in the same way as for other PPP connections.
4. The main task in setting up VPN connections is in defining the network relationships. Which IP address ranges at each end of the VPN tunnel should be included in the secured connection?