NETGEAR SRX5308 Reference Manual page 171

ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
3. Complete the settings as explained the following table:
Table 40. Add New VPN Policy screen settings
Setting
General
Policy Name
Policy Type
Select Local Gateway
Remote Endpoint
Enable NetBIOS?
Enable RollOver?
Enable Keepalive
Note: See also
Configure Keep-Alives
and Dead Peer
Detection on page 193.
Virtual Private Networking Using IPSec Connections
Description
A descriptive name of the VPN policy for identification and management
purposes.
Note: The name is not supplied to the remote VPN endpoint.
From the drop-down list, select one of the following policy types:
• Auto Policy. Some settings (the ones in the Manual Policy Parameters
section of the screen) for the VPN tunnel are generated automatically.
• Manual Policy. All settings need to be specified, including the ones in the
Manual Policy Parameters section of the screen.
From the drop-down list, select one of the four WAN interfaces to function as the
local gateway.
Select a radio button to specify how the remote endpoint is defined:
• IP Address. Enter the IP address of the remote endpoint in the fields to the
right of the radio button.
• FQDN. Enter the FQDN of the remote endpoint in the field to the right of the
radio button.
Select this check box to allow NetBIOS broadcasts to travel over the VPN
tunnel. For more information about NetBIOS, see
with IPSec VPN on page 196. This feature is disabled by default.
If you have configured the VPN firewall to function in WAN auto-rollover mode
(see Configure the Auto-Rollover Mode and Failure Detection Method
page 34), select the Enable RollOver? check box. Then, from the
corresponding drop-down list, select the backup WAN interface. After an
auto-rollover has occurred, the VPN tunnel will be reestablished using the
backup WAN interface. This feature is disabled by default.
Select a radio button to specify if keep-alive is enabled:
• Yes. This feature is enabled. Periodically, the VPN firewall sends keep-alive
requests (ping packets) to the remote endpoint to keep the tunnel alive. You
need to specify the ping IP address in the Ping IP Address field, detection
period in the Detection Period field, and the maximum number of keep-alive
requests that the VPN firewall sends in the Reconnect after failure count field.
• No. This feature is disabled. This is the default setting.
Ping IP Address The IP address that the VPN firewall pings. The address
needs to be of a host that can respond to ICMP ping
requests.
Detection Period The period in seconds between the keep-alive requests.
The default setting is 10 seconds.
Reconnect after The maximum number of keep-alive requests before the
failure count VPN firewall tears down the connection and then attempts
to reconnect to the remote endpoint. The default is 3
keep-alive requests.
171
Configure NetBIOS Bridging
on