Chapter 12 IPSec VPN
The following table describes the fields in this screen.
Table 74 Security > IPSec VPN > IPSec Setting > IKE
LABEL | DESCRIPTION |
IPSec Setting |
|
|
|
Enable | Select this check box to activate this VPN policy. This option |
| determines whether a VPN rule is applied before a packet leaves the |
| firewall. |
|
|
IPSec | Type up to 60 alphanumeric characters to identify this VPN policy. You |
Connection | may use spaces, underscores and dashes, but the |
Name | drops trailing spaces. |
|
|
Remote IPSec | Type the WAN IP address or the URL (up to 31 characters) of the IPSec |
Gateway | router with which you're making the VPN connection. |
Address |
|
|
|
Tunnel access | Specify the IP addresses of the devices behind the |
from local IP | that can use the VPN tunnel. The local IP addresses must correspond to |
addresses | the remote IPSec router's configured remote IP addresses. |
| Two active SAs cannot have the local and remote IP address(es) both |
| the same. Two active SAs can have the same local or remote IP |
| address, but not both. You can configure multiple SAs between the |
| same local and remote IP addresses, as long as only one is active at |
| any time. |
| Use the |
| Single Address for a single IP address. Select Subnet to specify IP |
| addresses on a network by their subnet mask. |
|
|
IP Address | When the local IP address type is configured to Single Address, enter |
for VPN | a (static) IP address on the LAN behind your |
| When the local IP address type is configured to Subnet, enter a |
| (static) IP address on the LAN behind your |
|
|
IP | When the local IP address type is configured to Single Address, this |
Subnetmask | field is not available. |
| When the local IP address type is configured to Subnet, enter a subnet |
| mask on the LAN behind your |
|
|
Tunnel access | Specify the IP addresses of the devices behind the remote IPSec router |
from remote IP | that can use the VPN tunnel. The remote IP addresses must correspond |
addresses | to the remote IPSec router's configured local IP addresses. |
| Two active SAs cannot have the local and remote IP address(es) both |
| the same. Two active SAs can have the same local or remote IP |
| address, but not both. You can configure multiple SAs between the |
| same local and remote IP addresses, as long as only one is active at |
| any time. |
| Use the |
| Single Address with a single IP address. Select Subnet to specify IP |
| addresses on a network by their subnet mask. |
|
|
IP Address | When the remote IP address type is configured to Single Address, |
for VPN | enter a (static) IP address on the network behind the remote IPSec |
| router. |
| When the remote IP address type is configured to Subnet, enter a |
| (static) IP address on the network behind the remote IPSec router. |
|
|
258 |
| |
| ||
|
|
|