User Manual
Advanced Console Server & RIM Gateway User Manual 75
o If you select Shared secret you will need to enter a Pre-shared secret (PSK). The PSK must match the
PSK configured at the other end of the tunnel
 In Authentication Protocol select the authentication protocol to be used. Either authenticate as part of ESP
(Encapsulating Security Payload) encryption or separately using the AH (Authentication Header) protocol.
 Enter a Left ID and Right ID. This is the identifier that the Local host/gateway and remote host/gateway use for
IPsec negotiation and authentication. Each ID must include an ‘@’ and can include a fully qualified domain name
preceded by ‘@’ ( e.g. left@example.com )
 Enter the public IP or DNS address of this Opengear VPN gateway (or if not an ACM5004-G or ACM5504-5-G-I
enter the address of the gateway device connecting it to the Internet) as the Left Address. You can leave this
blank to use the interface of the default route
 In Right Address enter the public IP or DNS address of the remote end of the tunnel (only if the remote end has
a static or dyndns address). Otherwise leave this blank
 If the Opengear VPN gateway is serving as a VPN gateway to a local subnet (e.g. the console server has a
Management LAN configured) enter the private subnet details in Left Subnet. Use the CIDR notation (where the
IP address number is followed by a slash and the number of ‘one’ bits in the binary notation of the netmask). For
example 192.168.0.0/24 indicates an IP address where the first 24 bits are used as the network address. This is
the same as 255.255.255.0. If the VPN access is only to the console server itself and to its attached serial
console devices then leave Left Subnet blank
 If there is a VPN gateway at the remote end, enter the private subnet details in Right Subnet. Again use the
CIDR notation and leave blank if there is only a remote host
 Select Initiate Tunnel if the tunnel connection is to be initiated from the Left console server end. This can only be
initiated from the VPN gateway (Left) if the remote end was configured with a static (or dyndns) IP address
 Click Apply to save changes
Note It is essential the configuration details set up on the advanced console server (referred to as the Left or Local
host) exactly matches the set up entered when configuring the Remote (Right) host/gateway or software client.
Refer to the http://www.opengear.com/faq.html for details on configuring these remote ends
4.10 OpenVPN
The ACM5500, ACM5000, IM4004-5 and IM4200 family of advanced console servers with Firmware V3.2 and later,
include OpenVPN which is based on TSL (Transport Layer Security) and SSL (Secure Socket Layer). With OpenVPN, it
To Next Page
Loading...
Need help?
General
