Mushroom Networks Documentation

How can I encrypt VLL traffic?

Encrypted VLL traffic using VPN

Setup a VLL tunnel between the 2 sites

 

  • Add a Remote LAN on Headoffice Truffle (under Home tab) with the following settings:

  • Add a Remote LAN on Remote site Truffle (under Home tab) with the following settings:

  • Remote IPs/Name will be the public IP address that is set on Headoffice Truffle’s WAN link.

  • Note /32 Remote LAN subnet mask on both sides

  • Once the configuration is complete you should see under Remote LAN status as Client Connections 1/1, this is assuming you have 1 WAN connection on Remote Site and 1 WAN connection on Headoffice side



Setup a VPN connection between the 2 sites

 

Once VLL is establish between the 2 sites, configure the VPN server instance on Head-office Truffle:

  • Setup VPN Server instance

Unique Name:

A unique name assigned to a VPN client or server for purposes of being able to easily identify VPN messages in the log file as well as associating ancillary data to a VPN instance such as a list of authorized users and their subnets.

Status:

Current VPN status, for user specific instance please check the status under ‘VPN user for servers’.

MTU:

Maximum transmission unit for the VPN, default value of 1400.

(Server CA Certificate) certificate:

CA certificate used to authenticate the server. This needs to be entered on the client VPN entry on the remote server.

Port port:

Port for the server to listen on, default 1194

 

  • Setup VPN users for servers (Under Advanced tab)

Server Unique Name:

The VPN server’s unique name that this user information pertains to.

Status:

Current VPN user status, or blank if not yet initialized.

Username:

VPN username

Password:

VPN password

Subnet:

VPN subnet in CIDR notation (make sure to have the subnet mask included otherwise the default subnet mask of /32 is applied).

 

  • Setup VPN Client instance (Under Advanced tab)

  • Note, the Destination Host, is the LAN IP of Headquarter’s Truffle, and the Subnet is the Head-office’s LAN subnet. Make sure to use the CIDR notation with subnet mask otherwise the default /32 bit subnet mask is applied.
  • Copy the Server CA Certificate from the Server’s end and paste it in the same box at the Client’s end.
  • Verify the “up” status on both ends under VPN instance (under Advanced tab).

© 2004 – 2024 Mushroom Networks Inc. All rights reserved.

Let’s chat. Call us at +1 (858) 452-1031 or fill the form: