Table of Contents
Advertisement
13. Click Add to List to put the address/mask pair into the Current Network/Mask Pairs for this
Hop list box, which also associates the pair with the IP address of the next hop router.
14. Click Finished to return to the Static Route tab.
15. Click Save.
16. When you want to send the configuration to one or more security gateways, click Update
Devices.
Default Gateway for VPN Traffic (VPNos 3.X)
The default gateway for VPN traffic policy allows the administrator to specify a gateway that is
used for either decrypted traffic, encrypted traffic, or both. Beginning with VPNos 4.5, the default
gateway for VPN traffic policy allows the administrator to specify a gateway that is used for
decrypted traffic only.
This configuration is commonly applied to a VSU in the following topology:
Figure 27: Common Default Gateway for VPN Traffic topology
Figure 27
shows the default gateway of the VSU as R
configured to protect several LANs on the other side of R
VSU.
In this topology, the administrator configures R
the Default Gateway for VPN Traffic with the decrypted box checked. Using this configuration
and checking the decrypted traffic box, all decrypted VPN traffic would be forwarded to R
all encrypted traffic would be forwarded to R
Traffic removes the need for a configured static route on the VSU for each protected LAN.
Note:
Configured static routes take precedence over the Default Gateway for VPN
Note:
Traffic.
Using Device tabs to configure the security gateway
, the Internet gateway. The VSU is
1
, the router on the private side of the
2
as the default gateway of the VSU and R
1
. In this application, the Default Gateway for VPN
1
as
2
and
2
Issue 4 May 2005
83
Advertisement
Table of Contents
