Accessing the OnBoard and Connected Devices > Creating a VPN Tunnel

Creating a VPN Tunnel
The authorized user creates a VPN tunnel using either IPSec or PPTP. A user authorized for Native IP can access native IP functionality through the Web Manager or through using ssh device management commands after creating a tunnel using either IPSec or PPTP.
The following figure shows an illustration of a single user’s workstation running IPSec on the right end and the OnBoard on the left end, with a router and the Internet between the OnBoard and the user’s workstation.
OnBoard VPN Example Using IPSec
Typically, the user configures a named VPN connection profile (or shortcut) on the user’s workstation, using either IPSec or PPTP. The name on the user’s end for a preconfigured VPN connection profile might be the name of the OnBoard. The name on the OnBoard end for a VPN connection profile might simply be the name and location of the user.
Note: Some systems, including the OnBoard, refer to configuring a VPN connection, but until the connection is actually made, what is informally called a VPN connection is actually a named connection profile or connection shortcut, which stores the information the computer needs in order to establish the connection.
The following prerequisites must be complete:
The user on the remote workstation and the OnBoard administrator have configured VPN connection profiles from both sides to support the VPN connection. See Creating a VPN Tunnel for more details.
The user has logged into the OnBoard, either through the Web Manager or through the command line, and has been authenticated.
When all the above are true, an authorized user can enable native IP access in one of the following two ways:
If the authorized user is connected to the OnBoard’s console, the user can select the “Enable native IP” option that appears in the onbdshell menu for the selected service processor.
If the authorized user is logged into the Web Manager, the user can choose “Enable Native IP” for the desired device on the Devices screen.
The VPN connection must remain active for the duration of the native IP session.
Caution! To prevent unauthorized users from accessing the native IP features of the device, when you are finished, always disable any native IP sessions and then close the PPTP VPN connection.
The following table lists the tasks associated with gaining native IP access to a device using VPN and provides links to where the tasks are documented.
Set up a VPN connection and route to the OnBoard

Accessing the OnBoard and Connected Devices > Creating a VPN Tunnel