![]() |
For an authorized user to access native IP functionality on a connected SP, the user needs to create a VPN connection to the OnBoard appliance. An authorized user can create PPTP VPN connections from Linux, Windows or Macintosh operating systems.The tasks listed below must be performed by the OnBoard appliance administrator before any user can make a PPTP VPN connection:
• Create a VPN connection profile on the OnBoard appliance specifying a pool of addresses for the OnBoard appliance and for the remote user’s computer at the other end.When the user creates the PPTP VPN connection, PPTP creates a new virtual interface on the user’s host and assigns an IP address from the OnBoard’s IP address pool to the interface. The user must use this address when connecting to the OnBoard to enable native IP access to a device.
• Authorize the user for PPTP access and provide the user with the PPTP password, which may be different from the password that the user uses for accessing the OnBoard appliance.Make sure the workstation can access the OnBoard appliance by entering the OnBoard appliance’s public IP address in a browser to try to bring up the Web Manager.
• If a network or host route is needed, create a route to the private subnet where the device resides or to the real or virtual IP address of the device.
• Configure a PPTP VPN connection profile with the following information obtained from the OnBoard appliance administrator:
• Enter the ifconfig or ipconfig command on the command line of the user’s workstation to discover the IP address assigned to the OnBoard appliance’s end of the PPTP link.
• Enter the OnBoard appliance’s PPTP-assigned address either in a browser or with ssh on the command line to access the OnBoard appliance.
• Create a static route to inform the workstation that the devices to be contacted are at the other end of the point-to-point link at the OnBoard appliance’s PPTP-assigned address.
• If multiple private subnets have been configured without a virtual network (DNAT), then create a route for each subnet.CAUTION:Remind users to always disable native IP before closing the PPTP VPN connection to prevent other users from potentially being able to obtain unauthorized and unauthenticated access to native IP features of the device.