IPSec 783Programming Operations GuideThe following example describes how to configure a Business Communications Manager with aContivity Extranet Switch when NAT is required on the Business Communications Manager andexternal access is required on the same interface as the tunnel (split tunneling).Configuring the Business Communications ManagerUsing the same systems from the previous example, we will now enable NAT and turn on DefaultRules on the Business Communications Manager. The gateway for the LAN 2 interface is47.82.30.1. For information about how to change NAT parameters, refer to refer to “ConfiguringNAT (Network Address Translation)” on page 737.1 Set the Local Endpoint to 47.81.20.50.2 Set the Remote Endpoint to 47.82.30.60.3 Set the Preshared Key to 123.4 Set the Key Type to Text.5 Set the Local Accessible Networks to 47.81.20.50 with mask 255.255.255.255 and 10.10.11.0with mask 255.255.255.0.6 Set the Remote Accessible Networks to 14.14.14.0 with mask 255.255.255.0.7 Under Net Link Manager, set the next hop to 47.82.30.1.Configuring the Contivity Extranet SwitchThe gateway for the Public LAN interface is 47.81.20.1.1 Go to Profiles->Network and create a Network with the IP address 14.14.14.0 with mask255.255.255.0. You will use this for the Local Accessible Networks for your Branch OfficeConnection.2 Under Profiles->Branch Office, create a Group based on the Base class.3 Under this new Group, change the Vendor ID to Disabled and change Compression toDisabled. Business Communications Manager does not support Vendor ID or Compression.4 Select Define Branch Office Connection.5 Set the routing type to be Static.6 Set the Local Endpoint to 47.82.30.60 and the Remote Endpoint to 47.81.20.50.7 Under Local Accessible Networks, select the Network that was created earlier.8 Set the Remote Accessible Networks to 10.10.11.0 with mask 255.255.255.0 and 47.81.20.50with mask 255.255.255.255.9 For the Preshared Key, select the Text button and set the key to '123'. This must match theBusiness Communications Manager key.10 Mark the box for Enable Branch Office Connection.11 Set the Public Default Route to 47.81.20.1.
