Accessing the OnBoard Appliance and Connected Devices : Creating a VPN Tunnel

Creating a VPN Tunnel
The authorized user creates a VPN tunnel using either IPSec or PPTP. A user authorized for native IP can access native IP functionality through the Web Manager or through using ssh device management commands after creating a tunnel using either IPSec or PPTP.
Figure 2.2 shows an illustration of a single user’s workstation running IPSec on the right end and the OnBoard appliance on the left end, with a router and the Internet between the OnBoard appliance and the user’s workstation.
OnBoard Appliance VPN Example Using IPSec
Typically, the user configures a named VPN connection profile (or shortcut) on the user’s workstation, using either IPSec or PPTP. The name on the user’s end for a preconfigured VPN connection profile might be the name of the OnBoard appliance. The name on the OnBoard appliance end for a VPN connection profile might simply be the name and location of the user.
NOTE: Most systems, including the OnBoard appliance, refer to configuring a VPN connection, but until the connection is actually made, what is informally called a VPN connection is actually a named connection profile or connection shortcut, which stores the information the computer needs in order to establish the connection.
The prerequisites are shown in the following list:
The user on the remote workstation and the OnBoard appliance administrator have configured VPN connection profiles from both sides to support the VPN connection. See Creating a VPN Tunnel for more details.
An authorized user can enable native IP access in one of the following two ways:
If the authorized user is connected to the OnBoard appliance’s console, the user can select the Enable native IP option that appears in the onbdshell menu for the selected SP.
The VPN connection must remain active for the duration of the native IP session.
CAUTION: To prevent unauthorized users from accessing the native IP features of the device, when you are finished, always disable any native IP sessions and then close the VPN connection.
The following table lists the tasks associated with gaining native IP access to a device using VPN and provides links to where the tasks are documented.
Set up a VPN connection and route to the OnBoard appliance
Access a native management application