Configuration of the private subnets shown in Example 2: Two Private Subnets is described in the following bulleted list:
• The primary Ethernet port is configured with IP address 203.1.2.3 and subnet mask 255.255.255.0.
• A default route is automatically created using a gateway IP 203.1.2.254, which the administrator assigned when configuring the primary Ethernet port.
• Private subnets are configured as aliases to priv0 by defining the OnBoard side IP addresses and netmasks shown in Example 2: Two Private Subnets and listed here:The above values define a range between 197.168.1.0 and 192.168.1.255 = 256 addresses, of which 254 are usable.The above values define a range between 197.168.4.0 and 192.168.7.255 = 1054 addresses, of which 1022 are usable. This subnet is defined with this address range because device “sp3” and “sp4” have previously been assigned IP addresses within this range, and the addresses cannot be changed.The following figure shows the values entered on the Web Manager Network Æ Private subnet screen to implement the private subnets in this example.Example 2: Values for Configuring Two Subnets on the Network Æ Private Subnet ScreenAs shown in the example output from the ifconfig command on the OnBoard in the following figure, both private subnet names are assigned as aliases to the priv0 interface, and the OnBoard-side IP addresses and subnet masks from Example 2: Values for Configuring Two Subnets on the Network Æ Private Subnet Screen are assigned to the each alias.:
ifconfig Output With priv0 Aliases for Two Private SubnetsThe configuration of the devices shown in Example 2: Two Private Subnets is described in the following bulleted list:
• “sp1” is on private subnet “sub1,” so it needs an IP address in the range 192.168.1—192.168.1.255: 192.168.1.2.
• “sp3” is on private subnet “sub2.” It has previously been assigned the IP address 192.168.4.21, which cannot be changed.
• “sp4” is also on private subnet “sub2.” It has previously been assigned IP address 192.168.4.22 and its address cannot be changed either.The following figure shows the values specified on the Web Manager Config Æ Devices: Add new devices dialog to specify the private subnet, and the device IP for “sp1,”, “sp2,” “sp3,” and “sp4.”Example 2: Four Devices Configured on the Web Manager Config Æ Devices ScreenThe OnBoard administrator must do the following to configure the user to be able to create the VPN tunnel:
• Make sure the user who needs the VPN access has an account that is authorized for native IP access to the devices.The following screen example shows the configuration information entered on the Config Æ Users and groups: Device Access dialog to authorize a user name “allSPs” for native IP access to all four devices in this example.Example 2: Configuration for a User Account Authorized for Native IP Access to All Configured DevicesA VPN connection must exist before a user can access native IP management features on a device. The following table lists examples that show how the VPN connections can be created using IPSec or PPTP. For these examples, the IP address of the user’s workstation is 12.34.56.78.