McAfee SG310 Administration Manual page 263

Utm firewall

VPN menu features
IPSec VPN
Figure 264 IPSec VPN Setup — Tunnel Settings page — Preshared Secret
3. Fill in the Tunnel name field with your name for the tunnel. The name must not contain spaces or start with a number. For example, enter Headquarters.
4. Leave the Enable this tunnel checkbox selected.
5. Enter The remote party's IP address, which is the IP address of the remote party's IPSec endpoint. For a remote party that has a dynamic IP address, click Predefined and Dynamic IP Address appears in the list.
6. Enter the Local Network that will have access to the remote network. Either select from a list of predefined values, which are based on the current network configuration, or click Custom to define custom networks.
7. Enter the Remote Network that the specified local network should have access to. Click Predefined to choose Remote Endpoint or other existing definitions.
8. From the Authentication list, select one of the following:
   • Preshared Secret – Default. This is a common secret (passphrase) that is shared between the device and the remote party. Tunnels configured with this method of authentication using the Quick Setup will by default use the Aggressive Mode of keying.
     Note: Preshared Secret is the only authentication currently supported by VPN offloading.
   • X.509 Certificates – are used to authenticate the remote party against a Certificate Authority's (CA) certificate. The CA certificate must have signed the local certificates that are used for tunnel authentication. Local and CA Certificates need to be uploaded to the device before a tunnel can be configured to use them. Tunnels configured with this method of authentication using the Quick Setup will by default use the Main Mode of keying. If you select this option, skip to Step 12.
9. [Conditional; only if Preshared Secret was selected for Authentication] Enter the Local Endpoint ID using the form of an email to authenticate the device to the remote party. For example: sg@local.com.
10. [Conditional; only if Preshared Secret was selected for Authentication] Enter the Remote Endpoint ID using the form of an email to authenticate the device to the remote party. For example: sg@remote.com.
11. [Conditional; only if Preshared Secret was selected for Authentication] Enter the Preshared Secret to use during negotiations. This secret should be kept confidential.

McAfee UTM Firewall 4.0.4 Administration Guide
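
An added example, not part of the McAfee guide: a pre-flight check in Python that applies the rules from steps 3 to 11 to a planned tunnel definition before it is typed into the Tunnel Settings page. The dictionary keys, the 20-character minimum for the secret, the overlap check and the requirement that networks be written in CIDR form are assumptions of this example.

```python
import ipaddress
import re

# Rules from steps 3-11 above. Dict keys and MIN_SECRET_LEN are assumptions of this example.
NAME_RE = re.compile(r"[^\s\d]\S*")                 # no spaces, no leading digit
EMAIL_FORM_RE = re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")
MIN_SECRET_LEN = 20  # local policy choice; the manual states no minimum length

def check_tunnel(t):
    """Return a list of problems in one planned tunnel definition."""
    problems = []
    if not NAME_RE.fullmatch(t.get("name", "")):
        problems.append("name: must not contain spaces or start with a number")
    if t.get("remote_ip") != "Dynamic IP Address":
        try:
            ipaddress.ip_address(t.get("remote_ip", ""))
        except ValueError:
            problems.append("remote_ip: not an IP address or 'Dynamic IP Address'")
    nets = []
    for key in ("local_network", "remote_network"):
        try:
            nets.append(ipaddress.ip_network(t.get(key, "")))
        except ValueError:
            problems.append(f"{key}: not a network in CIDR form")
    # Extra sanity check, not from the manual: overlapping ranges cannot be routed apart.
    if len(nets) == 2 and nets[0].version == nets[1].version and nets[0].overlaps(nets[1]):
        problems.append("networks: local and remote ranges overlap")
    auth = t.get("authentication", "Preshared Secret")  # the documented default
    if auth == "Preshared Secret":
        for key in ("local_endpoint_id", "remote_endpoint_id"):
            if not EMAIL_FORM_RE.fullmatch(t.get(key, "")):
                problems.append(f"{key}: must be in the form of an email")
        # Aggressive Mode sends the secret-derived hash unencrypted, so a weak
        # passphrase can be guessed offline; hence the length policy.
        if len(t.get("preshared_secret", "")) < MIN_SECRET_LEN:
            problems.append("preshared_secret: shorter than MIN_SECRET_LEN")
    elif auth != "X.509 Certificates":
        problems.append("authentication: unknown method")
    return problems

# Constructed sample worksheet entries (documentation address ranges).
GOOD = {"name": "Headquarters", "remote_ip": "203.0.113.10",
        "local_network": "192.168.1.0/24", "remote_network": "10.20.0.0/16",
        "local_endpoint_id": "sg@local.com", "remote_endpoint_id": "sg@remote.com",
        "preshared_secret": "constructed-sample-passphrase-0001"}
BAD = dict(GOOD, name="2nd office", remote_network="192.168.1.128/25",
           remote_endpoint_id="remote", preshared_secret="short")
if __name__ == "__main__":
    for tunnel in (GOOD, BAD):
        print(tunnel["name"], check_tunnel(tunnel) or "ok")
```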


This manual is also suitable for: Sg560, Sg560u, Sg565, Sg580
