Appendices : Device Configuration : Configuring a private subnet

Configuring a private subnet
An administrator configures a private subnet by doing the following:
Designating one of the IP addresses within the specified range to be used by the OnBoard appliance. The OnBoard-side address must be used by users when creating a IPSec VPN connection to enable native IP access.
The OnBoard appliance uses the specified information to create a route to the private subnet.
The range of IP addresses is derived from the information shown in Table D.9, which the administrator supplies to define a private subnet:
Devices use this address when communicating with the OnBoard appliance. The OnBoard appliance uses this address when communicating with devices. This address must be within the private subnet’s IP address range.
The system derives the range of addresses that can be used for talking to devices by using the network portion of the OnBoard’s IP address and from the private subnet netmask that the administrator specified.
When configuring a device, the administrator assigns the private subnet to the device and assigns an IP address within the range specified for the private subnet. The OnBoard appliance uses the device’s IP address when talking to a device, and devices use the OnBoard appliance’s assigned address when talking the OnBoard appliance.
When a private subnet is configured, the private subnet name is assigned to the priv0 interface in the form priv0:private_subnet-name along with the IP address assigned to the OnBoard appliance in the form inet addr: OnBoardIPaddr. If multiple private subnets are configured, multiple priv0:private_subnet-name interfaces exist, each with its administratively-configured private subnet IP address for the OnBoard. See the following examples for sample ifconfig output: