FVS338 ProSafe VPN Firewall 50 Reference Manual
• Manual. All settings (including the keys) for the VPN tunnel are manually input at each end (both VPN endpoints). No third-party server or organization is involved.
• Auto. Some parameters for the VPN tunnel are generated automatically by using the IKE (Internet Key Exchange) protocol to perform negotiations between the two VPN endpoints (the Local ID Endpoint and the Remote ID Endpoint).
In addition, a CA (Certificate Authority) can also be used to perform authentication (see “Certificates” on page
VPN Policy Operation
The VPN Policies screen allows you to add additional
1. Traffic covered by a policy will automatically be sent via a VPN tunnel.
2. The VPN tunnel is created according to the parameters in the SA (Security Association).
3. The remote VPN Endpoint must have a matching SA, or it will refuse the connection.
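The matching requirement in step 3 can be checked before a tunnel is deployed by comparing the two endpoints' policy settings side by side. The Python sketch below is an added example, not taken from the manual; the field names (`type`, `encryption`, `integrity`, `spi_in`, `key_in` and so on) and the sample values are constructed assumptions, not the FVS338's own setting names.

```python
import hmac
import ipaddress

# Field names are hypothetical, not the FVS338's own setting names.
SAME = ("type", "encryption", "integrity")        # must be identical on both ends
MIRRORED = (("local_subnet", "remote_subnet"),    # A's first must equal B's second
            ("remote_subnet", "local_subnet"))
MANUAL_MIRRORED = (("spi_out", "spi_in"), ("spi_in", "spi_out"),
                   ("key_out", "key_in"), ("key_in", "key_out"))

def _norm(field, value):
    """Normalise so 10.0.0.0/24 equals 10.0.0.0/255.255.255.0 and AES equals aes."""
    if field.endswith("_subnet"):
        return str(ipaddress.ip_network(value, strict=True))
    return str(value).lower() if field in SAME else str(value)

def sa_mismatches(a, b):
    """Return the sorted names of endpoint A's fields that B does not match."""
    bad = {f for f in SAME if _norm(f, a[f]) != _norm(f, b[f])}
    pairs = list(MIRRORED)
    if _norm("type", a["type"]) == _norm("type", b["type"]) == "manual":
        pairs += MANUAL_MIRRORED                  # manual keying: SPIs and keys swap
    for fa, fb in pairs:
        x, y = _norm(fa, a[fa]), _norm(fb, b[fb])
        # Constant-time compare; only field names are reported, never key material.
        if not hmac.compare_digest(x.encode(), y.encode()):
            bad.add(fa)
    return sorted(bad)

# Constructed sample policies; keys are placeholders, not real key material.
SITE_A = {"type": "manual", "encryption": "AES-128", "integrity": "SHA-1",
          "local_subnet": "192.168.1.0/24",
          "remote_subnet": "192.168.2.0/255.255.255.0",
          "spi_in": "0x1001", "spi_out": "0x2001",
          "key_in": "placeholder-key-A", "key_out": "placeholder-key-B"}
SITE_B = {"type": "Manual", "encryption": "aes-128", "integrity": "sha-1",
          "local_subnet": "192.168.2.0/24", "remote_subnet": "192.168.1.0/24",
          "spi_in": "0x2002",                     # typo: should be 0x2001
          "spi_out": "0x1001",
          "key_in": "placeholder-key-B", "key_out": "placeholder-key-A"}

if __name__ == "__main__":
    print(sa_mismatches(SITE_A, SITE_B))
```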
VPN Policy Table
When you use the VPN Wizard to set up a VPN tunnel, both a VPN Policy and an IKE Policy are established and populated in both tables on the VPN Policies screen. The name you selected as the VPN tunnel connection name during Wizard setup identifies both the VPN Policy and the IKE Policy. You can also edit existing policies, add new VPN policies directly, or change the policy hierarchy in the Policy Table. The Policy Table contains the following fields:
• ! (Status). Indicates whether the policy is enabled (green circle) or disabled (grey circle). To Enable or Disable a Policy, check the radio box adjacent to the circle and click Enable or Disable, as required.
• Name. Each policy is given a unique name (the Connection Name when using the VPN Wizard). Client Policies are annotated by an “*”.
• Type. The Type is “Auto” or “Manual” as described previously (Auto is used during VPN Wizard configuration).
Virtual Private Networking