ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual

Table 7-2. (IPsec) VPN Wizard Settings for a Gateway-to-Gateway Tunnel (continued)

Setting

Description (or Subfield and Description)

 

 

This VPN tunnel will use

For the UTM25 only, select one of the two radio buttons (WAN1 or

following local WAN Interface

WAN2) to specify which local WAN interface the VPN tunnel uses as

(UTM25 only)

the local endpoint.

 

Note: If the UTM25 is configured to function in WAN auto-rollover

 

mode, after completing the wizard, you must manually update the VPN

 

policy to enable VPN rollover. For more information, see “Manually

 

Adding or Editing a VPN Policy” on page 7-32.

 

 

End Point Informationa

 

 

 

What is the Remote WAN's IP

Enter the IP address or Internet name (FQDN) of the WAN interface on

Address or Internet Name?

the remote VPN tunnel endpoint.

 

 

What is the Local WAN's IP

When you select the Gateway radio button in the About VPN Wizard

Address or Internet Name?

section of the screen, the IP address of the UTM’s active WAN

 

interface is automatically entered.

 

 

Secure Connection Remote Accessibility

 

 

What is the remote LAN IP

Enter the LAN IP address of the remote gateway.

Address?

Note: The remote LAN IP address must be in a different subnet than

 

the local LAN IP address. For example, if the local subnet is

 

192.168.1.x, then the remote subnet could be 192.168.10.x. but could

 

not be 192.168.1.x. If this information is incorrect, the tunnel will fail to

 

connect.

 

 

What is the remote LAN

Enter the LAN subnet mask of the remote gateway.

Subnet Mask?

 

 

 

a. Both local and remote endpoints should be defined as either FQDNs or IP addresses. A combination of an IP address and a FQDN is not supported.

.

Tip: To assure tunnels stay active, after completing the wizard, manually edit the VPN policy to enable keepalive which periodically sends ping packets to the host on the peer side of the network to keep the tunnel alive. For more information, see “The VPN Policies Screen” on page 7-30.

.

Tip: For DHCP WAN configurations, first set up the tunnel with IP addresses. After you have validated the connection, you can use the wizard to create new policies using the FQDN for the WAN addresses.

7-6

Virtual Private Networking Using IPsec Connections

v1.0, September 2009

Page 216
Image 216
NETGEAR UTM25-100NAS Adding or Editing a VPN Policy on, End Point Information a, Secure Connection Remote Accessibility