Table of Contents
Advertisement
See
Adding an AutoIKE key VPN
Or, add a manual key VPN tunnel.
See
Adding a manual key VPN
•
Add one encrypt policy between the member VPN and the VPN concentrator. Use the following
configuration:
Source
Destination
Action
VPN Tunnel
Allow inbound
Allow outbound Select allow outbound.
Inbound NAT
Outbound NAT
See
Adding an encrypt
•
Add additional encrypt policies between the member VPNs. Use the following configuration:
Source
Destination
Action
VPN Tunnel
Allow inbound
Allow outbound Select allow outbound.
Inbound NAT
Outbound NAT
Configuring IPSec redundancy
IPSec redundancy allows you to create a redundant AutoIKE key IPSec VPN configuration to two remote
VPN gateway addresses.
For IPSec redundancy to work, both Internet connections must have static IP addresses.
To configure IPSec redundancy:
•
Add two remote gateways with the same settings (including the same authentication key) but with
different remote gateway addresses.
See
Adding a remote
•
Add two AutoIKE key tunnels with the same settings and add one of the remote gateways to each
tunnel.
See
Adding an AutoIKE key VPN
•
Add two outgoing encrypt policies.
DFL-500 User Manual
tunnel.
tunnel.
Member VPN address.
VPN concentrator address.
ENCRYPT
The VPN tunnel added in step 2.
Select allow inbound.
Select inbound NAT if required.
Select outbound NAT if required.
policy.
Local member VPN address.
Remote member VPN address
ENCRYPT
The VPN tunnel added in step 2.
Select allow inbound.
Select inbound NAT if required.
Select outbound NAT if required.
gateway.
tunnel.
52
Advertisement
Table of Contents
