VPN
Configuring a Site-to-Site VPN
Cisco ISA500 Series Integrated Security Appliances Administration Guide 343
8
The IPsec VPN policy is used to establish the VPN connection between two
peers. ISA550 and ISA550W support up to 50 IPsec VPN tunnels. ISA570 and
ISA570W support up to 100 IPsec VPN tunnels.
NOTE Before you create an IPsec VPN policy, make sure that the IKE and transform
policies are configured. Then you can apply the IKE and transform policies to the
IPsec VPN policy.
STEP 1 Click VPN > Site-to-Site > IPsec Policies.
STEP 2 To add a new IPsec VPN policy, click Add.
Other options: To edit an entry, click the Edit (pencil) icon. To delete an entry, click
the Delete (x) icon. To delete multiple entries, check them and click Delete.
The IPsec Policies - Add/Edit window opens.
STEP 3 In the Basic Settings tab, enter the following information:
•Description: Enter the name for the IPsec VPN policy.
•IPsec Policy Enable: Click On to enable the IPsec VPN policy, or click Off to
create only the IPsec VPN policy.
•Remote Type: Specify the remote peer:
-Static IP: Choose this option if the remote peer uses a static IP address.
Enter the IP address of the remote peer in the Remote Address field.
-Dynamic IP: Choose this option if the remote peer uses a dynamic IP
address.
-FQDN (Fully Qualified Domain Name): Choose this option to use the
domain name of the remote network, such as vpn.company.com. Enter
the domain name of the remote peer in the Remote Address field.
For the example as illustrated in Figure 3, the remote site , Site B, h as a publi c
IP address of 209.165.200.236. You should choose St atic IP and enter
209.165.200.236 in the Remote Address field.