Table of Contents
Advertisement
Wizards
Using the Site-to-Site Wizard to Establish the Site-to-Site VPN Tunnels
STEP 6
STEP 7
STEP 1
STEP 2
Cisco ISA500 Series Integrated Security Appliance Administrator Guide
•
Local Network: Choose the IP address of the local network. If you want to
enable zone access control settings for the IPSec VPN tunnels, choose Any
for the local network.
•
Remote Network: Choose the IP address of the remote network. You must
know the IP address of the remote network before connecting the IPSec
VPN tunnel.
If the IP address object you want is not in the list, choose Create an IP
Address to add a new address object. To maintain the IP address objects,
go to the Networking -> Address Object Management page. See
Management, page
The security appliance can support multiple subnets for IPSec VPN
NOTE
tunnel, you may need to select a group address object including
multiple VLANs for local and remote network.
After you are finished, click Next.
The Summary window opens. The Summary window displays the summary
information for all configurations you made.
Click Submit to save your settings and exit the Site-to-Site Wizard.
Configuring the IKE Policies
In the IKE Policy window, follow these procedures to create a new IKE policy.
To add an IKE policy, click Add.
Other options: To edit an entry, click Edit. To delete an entry, click Delete.
After you click Add, the IKE Policy - Add/Edit window opens.
Enter the following information:
•
Name: Enter an unique name for the IKE policy.
•
Encryption: Choose the algorithm used to negotiate the security
association. There are four algorithms supported by the security appliance:
ESP_3DES, ESP_AES-128, ESP_AES-192, and ESP_AES-256.
152.
2
Address
55
Hide quick links:
Advertisement
Table of Contents
