Table of Contents
Advertisement
internal network can connect to the branch office internal network and users on the branch office internal
network can connect to the main office internal network. Users on the branch office network can also
connect to services such as an email server running on the main network.
Communication between the two networks takes place in an encrypted VPN tunnel that connects the two
DFL-1000 VPN gateways across the Internet. Users on the internal networks are not aware that when
they connect to a computer on the other network that the connection is across the Internet.
As shown in
Example VPN between two internal
DFL-1000 VPN gateway. Alternatively, one of the networks can be protected by a third-party VPN
gateway that also supports IPSec and Autokey IKE.
Use the following procedures to configure an IPSec Autokey IKE VPN between internal networks:
•
Creating the VPN tunnel
•
Adding internal and external addresses
•
Adding an IPSec VPN policy
Figure: Example VPN between two internal networks:
Creating the VPN tunnel
A VPN tunnel consists of a name for the tunnel, the IP address of the VPN gateway at the opposite end of
the tunnel, the keylife for the tunnel, and the authentication key to be used to start the tunnel. You must
create complementary VPN tunnels on each of the VPN gateways. On both gateways the tunnel should
have the same name, keylife, and authentication key.
Example IPSec Autokey VPN Tunnel configuration
tunnel for the VPN in
Example VPN between two internal
DFL-1000 User's Manual
networks, each internal network can be protected by a
shows the information required to configure the VPN
networks.
48
Advertisement
Table of Contents
