Table of Contents
Advertisement
This infrastructure presents the advantage of the centrally managing internet access and the
associated security policy.
Configuration requirements
In this tutorial, the private networks of the 3 sites will be distinct (example: 192.168.0.0/24,
192.168.1.0/24 and 192.168.2.0/24).
The necessary network objects have been created on each of the sites to interlink:
the public IP address of the Hub IPS-Firewall: Pub_FW_Hub,
l
the local network of the Hub site: Private_Net_Hub,
l
the public IP address of the Spoke A IPS-Firewall: Pub_FW_Spoke_A,
l
the local network of the Spoke A site: Private_Net_Spoke_A,
l
the public IP address of the Spoke B IPS-Firewall: Pub_FW_Spoke_B,
l
the local network of the Spoke B site: Private_Net_Spoke_B.
l
Check that your PKI has been set up:
There is a certificate authority (CA),
l
Certificates have been created for the IPS-Firewalls,
l
The respective certificates have been imported on the IPS-Firewalls of the Spoke sites,
l
The CA has been added to the list of trusted CAs on each of the IPS-Firewalls to interlink.
l
Page 416/448
SNS - USER CONFIGURATION MANUAL V.3
HOW TO: IPSEC VPN - HUB AND SPOKE CONFIGURATION
sns-en-user_configuration_manual-v3 - Copyright © Stormshield 2016
.
- Quick Links:
- Administrator Management
Hide quick links:
Advertisement
Table of Contents
