![background image](http://html.mh-extra.com/html/cisco/intraport-carrier-8/intraport-carrier-8_administrators-manual_64933027.webp)
Chapter 6 - Functionality and Configuration Overview
22
A more complicated configuration, showing two different VPN groups for Company A, and
requiring all of Company B’s VPN clients to tunnel all traffic back through the company
intranet (and by extension through the company firewall for traffic which is bound for outside
destinations) is shown below.
[ IP Wan 0 ]
Numbered = On
Mode = Routed
RIPVersion = V2
SubnetMask = 255.255.255.0
IPAddress = 38.0.0.1
[ Link Config Wan 0 ]
Mode = FrameRelay
[ Frame Relay Wan 0 ]
MaintProtocol = AnnexD
[ General ]
SoftwareVersion = IntraPortCarrier
DeviceType = IntraPortCarrier
[ VPN Users ]
corpauser-den Config="Corporate A-Denver" SharedKey="corporatea"
corpauser-sf Config="Corporate A-SFrancisco" SharedKey="corporatea"
corpbuser Config="Corporate B-San Francisco" SharedKey="corporateb"
# This is a sample user configuration for each of the corporations.
# This is the IPCs internal authentication database. These users
# may be stored in a RADIUS database and are only shown here for
# for the example.
[ SNMP ]
AdminName = IntraPortCarrier
Domain = ipc.pci.com
Location =
[ Logging ]
LogToAuxPort = Off
Level = Debug
Enabled = Off
[ Bridging Global ]
Mode = Off
[ RADIUS ]
PrimAddress = 38.100.100.1
Authentication = TRUE
Accounting = TRUE
Secret = yourRadiusPW
[ VPN Group "Corporate A-Denver" ]
ipnet = 38.1.1.0/24
bindto = "Wan 0"
maxconnections = 32
transform = ESP(MD5,DES)
localipnet = 38.0.0.100/27
vpngroupdlci = 16
# This is the VPN configuration for the Denver office of Corporate A.
# The ’ipnet’ keyword specifies the IP address of the corporate LAN. These
# are the addresses that the client will get when a connection is established
# and used by it to create VPN packets to be forwarded to the corporate net.
# The ’localipnet’ specifies the pool of addresses that the IPC
# will use to translate the source address of the unwrapped IP packet
# being forwarded to the corporate intranet. This pool must be reserved
# for use by the IPC and should include as many addresses as specified
# in the 'maxconnections' keyword. The ‘vpngroupdlci’ maps this group’s