
Network Communications Simplified™

Point-to-Point Network Extension over ADSL with the IpTL 75
What you can do with this Guide.
 Set up two Model 75 FastLane devices across an ADSL & IP network.
 Stub at the main office (e.g. “extends” the PC from the Main office to the remote office.)
 Inline at the Remote office (e.g. all Remote LAN traffic is to/from the main office LAN, including any default Internet gateway.)
 Securely bridge together two LANs (office/HQ and remote office.)

IPTL Corporate Confidential – Covered Under NDA – No prior use without authorization 2
Prerequisites, Assumptions, and Givens
 Two Model 75 devices running software rev. 1.2.4 or later.
 A DHCP server running at the Main Office/HQ with at least one lease/address available (used for the far-end PC at the remote office)
 If the Model 75 at the Main Office/HQ site is behind a NAT router…
 You will need a Static IP/Mask (can be an RFC1918 address) for the uplink Ethernet port of the Model 75.
 Forwarding of UDP 1194 from the router's public IP to the private address of the Model 75.
 If the Model 75 at the Main Office/HQ site will be installed with a Globally Addressable IP
(e.g. Valid IP)…
 The Static IP/mask for the uplink Ethernet port
 No port forwarding needed (directly accessible from the IP network)

Reference Architecture

[Figure: reference architecture diagram; links labelled Ethernet]

 Laptop/PC “B” will be connected to the Main Office/HQ LAN.


 From a logical Ethernet point of view, PC A and PC B are “on the same wire” and on the same LAN.
Reference Architecture - Protocol View

DHCP from ADSL Static IP for Tunnel

TLS Encrypted Tunnel Established Between M75 endpoints

Bridged Ethernet Frames Sent between M75’s

Main Site Setup – Physical Connections

 Connect the power adapter to the power input on the back of the M75.
 Connect the M75 to the Local Area Network by connecting the uplink port to the LAN Ethernet switch.

 NOTE: If using PoE, connect the M75 uplink port to the Ethernet switch supplying PoE. This will provide power and LAN connectivity.
(Yes, you can do the whole application with one connection!)

Main Site Model 75 Configurations
 Set the unit IP address
 Log into the M75
 Select Networki ->
 Un-Check the DHCP radio-button
 Input the Static IP, Mask, Default
Gateway, and DNS servers
 to input your changes.
 Be sure to save your changes!

You may leave the Secondary IP as-is to provide an alternative access to the unit.
If needed, the DNS servers of 8.8.8.8 and 8.8.4.4 are Google Public DNS servers.
Main Site Model 75 Configurations…continued
 Select ->
 Under Tunnel Options ensure the
following are set and submit
 Tunnel Mode = Local
 Protocol = UDP
 Cipher = AES 256
 Compression = enabled
 Pass TOS Field = disabled

 Under Server Options ensure the following are set and submit
 Listen Port = 1194
 Keepalive sent = 10
 Restart after = 30
 Client-to-Client = enable
This function permits or denies remote traffic hair-pinning from one tunnel to another.
Note: this setting is only important for multiport units (e.g. Model 78/72/79) and has no effect on the Model 75.

Main Site Model 75 Configurations…continued

 Select ->
 Ensure that there are NO check boxes selected.
 Uncheck any check boxes that are active and
 Note: It is the factory default to Block Traffic Uplink <->
Tunnel and Block Traffic Local <-> Uplink

Main Site Network Integration Setup

 UDP Port 1194 must be statically mapped from the public IP side to the Private Side address of the M75. (e.g. 192.168.100.170)
 This permits any INBOUND requests to port 1194 on the public IP (e.g. 213.132.60.1) to be forwarded to the M75 for termination.
Note: This is only required on the server/local side setup. It is NOT needed on Remote/Clients.
Note: If the M75 has a public IP address then NO static mapping is needed.

Examples of Port Mapping

 Cisco IOS Entry
ip nat inside source static udp 192.168.100.170 1194 213.132.60.1 1194

 Linksys WRT160
 Port forwarding is found under
Applications and Gaming
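
An added example, not part of the IpTL guide: a check for static port-mapping entries of the Cisco IOS form shown above, confirming that UDP 1194 is forwarded to the M75 and that the outside address is a routable unicast address. The function name and the sample entries containing typos are constructed for illustration.

```python
import ipaddress
import re

# Entry shape used in this guide:
#   ip nat inside source static udp <inside-ip> <port> <outside-ip> <port>
NAT_RE = re.compile(
    r"^\s*ip\s+nat\s+inside\s+source\s+static\s+(tcp|udp)"
    r"\s+(\S+)\s+(\d+)\s+(\S+)\s+(\d+)\s*$")


def check_static_nat(line, m75_ip="192.168.100.170", proto="udp", port=1194):
    """Return a list of problems in one static NAT entry (empty list = OK)."""
    m = NAT_RE.match(line)
    if not m:
        return ["not a static port-mapping entry"]
    got_proto, inside, in_port, outside, out_port = m.groups()
    try:
        inside_ip = ipaddress.IPv4Address(inside)
        outside_ip = ipaddress.IPv4Address(outside)
    except ipaddress.AddressValueError as exc:
        return [f"bad IPv4 address: {exc}"]
    problems = []
    if got_proto != proto:
        problems.append(f"protocol is {got_proto}, tunnel listens on {proto}")
    for side, value in (("inside", in_port), ("outside", out_port)):
        if int(value) != port:
            problems.append(f"{side} port is {value}, expected {port}")
    if inside_ip != ipaddress.IPv4Address(m75_ip):
        problems.append(f"inside address {inside_ip} is not the M75 ({m75_ip})")
    # A multicast or non-routable outside address can never receive the
    # remote unit's inbound tunnel packets.
    if outside_ip.is_multicast:
        problems.append(f"outside address {outside_ip} is multicast")
    elif not outside_ip.is_global:
        problems.append(f"outside address {outside_ip} is not publicly routable")
    return problems


# Constructed samples: the guide's example addresses, then two typo variants.
SAMPLES = [
    "ip nat inside source static udp 192.168.100.170 1194 213.132.60.1 1194",
    "ip nat inside source static udp 192.168.100.170 1194 231.132.60.1 1194",
    "ip nat inside source static tcp 192.168.100.170 1149 213.132.60.1 1194",
]

if __name__ == "__main__":
    for entry in SAMPLES:
        print(entry, "->", check_static_nat(entry) or "OK")
```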

Only If you have a dynamic IP at the Main Site Router

 Use DynDNS to support a dynamic IP at the main site
 Register a free account at https://www.dyndns.com/account/services/hosts/add.html

 Select ->
 Enter in your DynDNS
credentials
 Username
 Password
 Hostname
 Sub to implement
Remote Site Setup – Physical Connections

 Connect the power adapter to the power input on the back of the M75.
 Connect the M75 to the ADSL NTU by connecting the uplink port to the Ethernet LAN port of the NTU.
 Connect one of the Local ports on the M75 to the Local Area Network of the Remote office.
Note: All three Local ports are connected to the bridge group and do not function as an Ethernet mini-switch.
Remote Site Model 75 Configurations
 Set the unit IP address
 Log into the M75
 Select Networ ->
 Ensure the DHCP radio-button is checked
You may leave the Secondary IP as-is to provide an alternative method of access to the unit.
Remote Site Model 75 Configurations…continued
 Select Tunnel- ->
 Under Tunnel Options ensure the
following are set and
 Tunnel Mode = remote
 Protocol = UDP
 Cipher = Blowfish
 Compression = enabled
 Pass TOS Field = enabled

 Under Client Options ensure the following are set and t
 Remote IP: <the Public IP of your Server>
 Remote Port: 1194
Note: These are the factory default settings
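
An added example, not part of the IpTL guide: a side-by-side review of the tunnel settings this guide lists for the two ends, reporting values that differ and ciphers with a 64-bit block. Which settings must agree on both ends is an assumption made here, not something the guide states.

```python
import re

# Tunnel, Server and Client Options as listed on this guide's two
# configuration slides.
MAIN_SITE = """
Tunnel Mode = Local
Protocol = UDP
Cipher = AES 256
Compression = enabled
Pass TOS Field = disabled
Listen Port = 1194
"""
REMOTE_SITE = """
Tunnel Mode = remote
Protocol = UDP
Cipher = Blowfish
Compression = enabled
Pass TOS Field = enabled
Remote Port: 1194
"""

# Assumption: these settings have to agree on both ends of one tunnel.
MUST_MATCH = ("protocol", "cipher", "compression", "port")
# Ciphers with a 64-bit block, which limits how much data one key should protect.
SHORT_BLOCK = ("blowfish", "3des", "des")


def parse(text):
    """Parse 'Name = value' / 'Name: value' lines into a lower-cased dict."""
    settings = {}
    for line in text.strip().splitlines():
        parts = re.split(r"\s*[=:]\s*", line.strip(), maxsplit=1)
        if len(parts) != 2:
            continue  # not a setting line
        name, value = parts[0].lower(), parts[1].lower()
        if name in ("listen port", "remote port"):
            name = "port"  # the same UDP port, named from either end
        settings[name] = value
    return settings


def review(main_text, remote_text):
    """Return findings for a main-site/remote-site pair of settings."""
    main, remote = parse(main_text), parse(remote_text)
    findings = [f"{n}: main={main.get(n)} remote={remote.get(n)}"
                for n in MUST_MATCH if main.get(n) != remote.get(n)]
    for site, cfg in (("main", main), ("remote", remote)):
        if cfg.get("cipher") in SHORT_BLOCK:
            findings.append(f"{site}: {cfg['cipher']} uses a 64-bit block")
    return findings
```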
Remote Site Model 75 Configurations…continued
 Select IP Filt->
 Ensure that the following check boxes ARE selected:
 Block Traffic Uplink <-> Tunnel – This prevents Tunnel Ethernet Traffic and
WAN/Uplink port Ethernet Traffic from bridging to each other.
 Block Traffic Local <-> Uplink – This prevents the Local Ethernet and the Uplink
Ethernet from bridging to each other.
 This ensures ONLY tunnel Ethernet traffic is available to the remote site.

Remote Site Model 75 Configurations…continued

 Select DHCP
 Ensure that the DHCP server within
the M75 is unchecked
 This will permit DHCP requests
to traverse the tunnel and
be controlled by the Main Site
DHCP server.

Status of the Connection

 There is NO PORT Mapping required at the remote sites.
 No DynDNS required…IP addresses can change without affecting connectivity.
 The Remote Site M75 will continuously attempt an outbound connection to the Server Main Site M75 unit.
 Once both the Main Site and Remote Sites are configured, the tunnel and Ethernet bridging will be established automatically.
 The Front Panel TUNNEL indicator will show tunnel status of a successful link.
 All Laptops/PCs and hosts at the remote site will obtain their addresses via DHCP from the Main Site DHCP server.

Testing and Use

 To test the link – have the Laptop/PC B “ping” a host at the central site or have
Laptop/PC A ping a host at the remote site.
 All traffic at the Remote Site will traverse the tunnel to the Main Site, including any default gateways to the Internet (allows for ACLs and control of ALL network traffic!).
 Split tunneling can be implemented by removing the Local <-> Uplink block.
Simplified Networking Products for Connectivity Anywhere

IP Technology Labs, LLC.
3470 Olney-Laytonsville Rd #313
Olney MD 20832 USA
E: support@IpTechnologyLabs.com
W: http://www.IpTechnologyLabs.com
T:+1 301 570 6611
F:+1 301 570 8049

Thank You for your Attention!

