VPN

8

 

Configuring a Site-to-Site VPN

Authentication Method: Choose one of the following authentication methods:

- Pre-shared Key: Uses a simple, password-based key to authenticate. If you choose this option, in the Key field enter the value that the peer device must provide to establish a connection. The pre-shared key must be entered exactly the same here and on the remote peer.

- Certificate: Uses the digital certificate from a third-party Certificate Authority (CA) to authenticate. If you choose this option, select a CA certificate as the local certificate from the Local Certificate drop-down list and select a CA certificate as the remote certificate from the Remote Certificate drop-down list. The selected remote certificate on the local gateway must be set as the local certificate on the remote peer.

NOTE: You must have valid CA certificates imported on your security appliance before choosing this option. Go to the Device Management > Certificate Management page to import the CA certificates. See Managing Certificates for Authentication, page 418.

WAN Interface: Choose the WAN port that traffic passes through over the IPsec VPN tunnel.

Local Network: Choose the IP address for the local network. If you want to configure the zone access control settings for site-to-site VPN, choose Any for the local network. You can then control incoming traffic from the remote VPN network to the zones over the VPN tunnels.

Remote Network: Choose the IP address of the remote network. You must know the IP address of the remote network before connecting the VPN tunnel.

In the example illustrated in Figure 3, Site A has a LAN IP address of 10.10.10.0 and Site B has a LAN IP address of 10.20.20.0. When you configure site-to-site VPN on Site A, the local network is 10.10.10.0 and the remote network is 10.20.20.0.

If the address object that you want is not in the list, choose Create a new address to add a new address object or choose Create a new address group to add a new address group object. To maintain the address and address group objects, go to the Networking > Address Management page. See Address Management, page 175.

NOTE: The security appliance can support multiple subnets for establishing the VPN tunnels. To use multiple subnets, select an address group object that includes them for the local and/or remote networks.
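The matching rules above (identical pre-shared key, remote certificate on one gateway set as the local certificate on the peer, and each site's local network being the other site's remote network) can be checked before the tunnel is brought up. The following is an added example, not part of the Cisco guide: `SitePolicy`, `check_pair`, the certificate labels and the key value are hypothetical, the structure is not an ISA500 export format, /24 masks are assumed for the Figure 3 subnets, and only explicit address objects or groups are covered (not Any).

```python
import hmac
import ipaddress
from dataclasses import dataclass

@dataclass
class SitePolicy:
    """One gateway's view of the tunnel (hypothetical structure, not an ISA500 export)."""
    name: str
    auth_method: str        # "psk" or "certificate"
    local_networks: list    # address object or address group, as CIDR strings
    remote_networks: list
    psk: str = ""
    local_cert: str = ""    # certificate names are constructed labels
    remote_cert: str = ""

def _nets(cidrs):
    # Normalise so "10.10.10.0/24" and "10.10.10.0/255.255.255.0" compare equal;
    # an entry with host bits set raises ValueError, which flags a mistyped subnet.
    return {ipaddress.ip_network(c) for c in cidrs}

def check_pair(a, b):
    """Return a list of mismatches between two peers' policies; empty means consistent."""
    problems = []
    if a.auth_method != b.auth_method:
        problems.append("authentication method differs")
    elif a.auth_method == "psk":
        # The key must match exactly; compare_digest is a constant-time comparison.
        if not hmac.compare_digest(a.psk.encode(), b.psk.encode()):
            same = a.psk.strip() == b.psk.strip()
            hint = " (differs only by surrounding whitespace)" if same else ""
            problems.append("pre-shared key differs" + hint)
    elif a.auth_method == "certificate":
        for x, y in ((a, b), (b, a)):
            if x.remote_cert != y.local_cert:
                problems.append(f"{x.name} remote certificate is not {y.name} local certificate")
    # Each side's local network(s) must be the other side's remote network(s).
    for x, y in ((a, b), (b, a)):
        if _nets(x.local_networks) != _nets(y.remote_networks):
            problems.append(f"{x.name} local network does not mirror {y.name} remote network")
    return problems

# Constructed sample: Site A and Site B from the Figure 3 example, /24 masks assumed.
SITE_A = SitePolicy("Site A", "psk", ["10.10.10.0/24"], ["10.20.20.0/24"], psk="constructed-example-key")
SITE_B = SitePolicy("Site B", "psk", ["10.20.20.0/24"], ["10.10.10.0/24"], psk="constructed-example-key")

if __name__ == "__main__":
    print(check_pair(SITE_A, SITE_B) or "policies are consistent")
```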

Cisco ISA500 Series Integrated Security Appliances Administration Guide

Page 344