Table of Contents
Advertisement
ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual
Table 7-2. (IPsec) VPN Wizard Settings for a Gateway-to-Gateway Tunnel (continued)
Setting
This VPN tunnel will use
following local WAN Interface
(UTM25 only)
End Point Information
What is the Remote WAN's IP
Address or Internet Name?
What is the Local WAN's IP
Address or Internet Name?
Secure Connection Remote Accessibility
What is the remote LAN IP
Address?
What is the remote LAN
Subnet Mask?
a. Both local and remote endpoints should be defined as either FQDNs or IP addresses. A combination of an IP address and
a FQDN is not supported.
.
Tip: To assure tunnels stay active, after completing the wizard, manually edit the
VPN policy to enable keepalive which periodically sends ping packets to
the host on the peer side of the network to keep the tunnel alive. For more
information, see
.
Tip: For DHCP WAN configurations, first set up the tunnel with IP addresses.
After you have validated the connection, you can use the wizard to create
new policies using the FQDN for the WAN addresses.
7-6
Description (or Subfield and Description)
For the UTM25 only, select one of the two radio buttons (WAN1 or
WAN2) to specify which local WAN interface the VPN tunnel uses as
the local endpoint.
Note: If the UTM25 is configured to function in WAN auto-rollover
mode, after completing the wizard, you must manually update the VPN
policy to enable VPN rollover. For more information, see
Adding or Editing a VPN Policy" on page
a
Enter the IP address or Internet name (FQDN) of the WAN interface on
the remote VPN tunnel endpoint.
When you select the Gateway radio button in the About VPN Wizard
section of the screen, the IP address of the UTM's active WAN
interface is automatically entered.
Enter the LAN IP address of the remote gateway.
Note: The remote LAN IP address must be in a different subnet than
the local LAN IP address. For example, if the local subnet is
192.168.1.x, then the remote subnet could be 192.168.10.x. but could
not be 192.168.1.x. If this information is incorrect, the tunnel will fail to
connect.
Enter the LAN subnet mask of the remote gateway.
"The VPN Policies Screen" on page
Virtual Private Networking Using IPsec Connections
v1.0, September 2009
"Manually
7-32.
7-30.
Advertisement
Table of Contents
Troubleshooting
