•
Question 6: Can an IPSec tunnel over a PPPoE connection be established - such as
a PPPoE enabled DSL link?
Yes. The access point supports tunneling when using a PPPoE username and password.
•
Question 7: Can I setup an access point so clients can access both the WAN
normally and only use the VPN when talking to specific networks?
Yes. Only packets that match the VPN Tunnel Settings will be sent through the VPN tunnel.
All other packets will be handled by whatever firewall rules are set.
•
Question 8: I am using a direct cable connection between my two VPN gateways
for testing and cannot get a tunnel established, yet it works when I set them up
across another network or router. Why?
The packet processing architecture of the access point VPN solution requires the WAN
default gateway to work properly. When connecting two gateways directly, you don't need
a default gateway when the two addresses are on the same subnet. As a workaround, point
the access point's WAN default gateway to be the other VPN gateway and vice-versa.
•
Question 9: I have setup my tunnel and the status still says 'Not Connected'. What
should I do now?
VPN tunnels are negotiated on an "as-needed" basis. If you have not sent any traffic
between the two subnets, the tunnel will not get established. Once a packet is sent between
the two subnets, the VPN tunnel setup occurs.
•
Question 10: I still can't get my tunnel to work after attempting to initiate traffic
between the two subnets. What now?
Try the following troubleshooting tips:
• Verify you can ping each of the remote Gateway IP addresses from clients on either side.
Failed pings can indicate general network connection problems.
• Pinging the internal gateway address of the remote subnet should run the ping through
the tunnel as well. Allowing you to test, even if there are no clients on the remote end.
• Try re-setting the shared secret password on the access point.
•
Question 11: My tunnel works fine when I use the LAN-WAN Access page to
configure my firewall. Now that I use Advanced LAN Access, my VPN stops
working. What am I doing wrong?
VPN requires certain packets to be passed through the firewall. Subnet Access
automatically inserts these rules for you when you do VPN. Advanced Subnet Access
requires these rules to be in effect for each tunnel.
B-7
Usage Scenarios