Section
Field Description
Local Secure
Select the local LAN user(s) that can use this VPN tunnel. This may be a single IP
Group
address or sub-network. Note that the Local Secure Group must match the remote
gateway's Remote Secure Group.
IP
Enter the IP address of the local network
Mask
If the Subnet option is selected, enter the mask to determine the IP address on the
local network
Remote
Select the remote LAN user(s) behind the remote gateway who can use this VPN
Secure
tunnel. This may be a single IP address, a sub-network, or any addresses. If "Any"
Group
is set, the Gateway acts as responder and accepts requests from any remote user.
Note that the Remote Secure Group must match the remote gateway's Local Secure
Group.
IP
Enter the IP address of the remote network
Mask
If the Subnet option is selected, enter the mask to determine the IP addresses on
the remote network
Remote
Select the desired option, IP Addr., Any, or FQDN. If the remote gateway has a
Secure
dynamic IP address, select Any or FQDN. If Any is selected, then the Gateway will
Gateway
accept requests from any IP address.
FQDN
If FQDN is selected, enter the domain name of the remote gateway, so the
Gateway can locate a current IP address using DDNS
IP
The IP address in this field must match the public (WAN or Internet) IP address of
the remote gateway at the other end of this tunnel
Key
Key Exchange Method
Management
The gateway supports both automatic and manual key management. When
automatic key management is selected, Internet Key Exchange (IKE) protocols are
used to negotiate key material for Security Association (SA). If manual key
management is selected, no key negotiation is needed. Basically, manual key
management is used in small static environments or for troubleshooting purposes.
Note that both sides must use the same key management method.
4042592 Rev B
Configure Security
59