Table of Contents
Advertisement
Network Setup menu options
VLAN
Create an alias on the local LAN interface, and another alias on the remote LAN interface.
1
Create an IPSec tunnel for which the Local Network is the local alias address, and the Remote Network is
2
the remote alias address. The prefix length should be /32 for each network.
Create a GRE tunnel for which the Local Address is the local alias address, and the Remote Address is the
3
remote alias address.
Create a bridge between the LAN interface and the GRE tunnel at each end.
4
Adding a GRE interface
From the Network Setup menu, click Network Setup. The Connections page appears.
1
Select GRE Tunnel from the list and click Add. The Edit GRE Tunnel Settings page appears
2
Figure 105 Edit GRE Tunnel Settings page
Ensure the Enable checkbox is selected.
3
[Optional] Enter a descriptive GRE Tunnel Name for this tunnel.
4
Enter the address of the remote GRE endpoint in Remote Address; for example, the Internet IP address
5
of a remote UTM Firewall appliance. The IP address can be in the form a.b.c.d.
Enter the address of the local GRE endpoint in the Local Address field. This is typically a free address
6
on your main LAN. If your LAN connection has an alias address, it may also be a free address on the alias
network. The IP address can be in the form a.b.c.d.
Select a firewall class for the GRE interface from the Firewall Class list. Available options are:
7
• LAN
• Internet
• DMZ
• Guest
Click Finish. The GRE tunnel now appears in the Connections page.
8
Troubleshooting GRE tunnels
Symptom: Cannot ping a host on the other side of the GRE tunnel.
• Ensure that there is a route set up on the GRE tunnel to the remote network.
• Ensure that there is a route on the remote GRE endpoint to the network at this end of the GRE tunnel.
McAfee UTM Firewall 4.0.4 Administration Guide
(Figure
105).
105
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
