Virtual Private Networking Using IPSec and L2TP Connections
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
Figure 139.
Each policy contains the data that are explained in the following table. These fields are explained in more detail in Table 53 on page 230.
To delete one or more VPN policies:
1. Select the check box to the left of each policy that you want to delete, or click the Select All table button to select all VPN policies.
2. Click the Delete table button.
Table 52. VPN Policies screen information for IPv4 and IPv6

Item: Description

! (Status): Indicates whether the policy is enabled (green circle) or disabled (gray circle). To enable or disable a policy, select the check box adjacent to the circle, and click the Enable or Disable table button, as appropriate.

Name: The name that identifies the VPN policy. When you use the VPN Wizard to create a VPN policy, the name of the VPN policy (and of the automatically created accompanying IKE policy) is the connection name.

Type: Auto or Manual as described previously (Auto is used during VPN Wizard configuration).

Local: IP address (either a single address, range of addresses, or subnet address) on your LAN. Traffic needs to be from (or to) these addresses to be covered by this policy. (The subnet address is supplied as the default IP address when you are using the VPN Wizard.)

Remote: IP address or address range of the remote network. Traffic needs to be to (or from) these addresses to be covered by this policy. (The VPN Wizard default requires the remote LAN IP address and subnet mask.)

Auth: The authentication algorithm that is used for the VPN tunnel. This setting needs to match the setting on the remote endpoint.

Encr: The encryption algorithm that is used for the VPN tunnel. This setting needs to match the setting on the remote endpoint.
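
Added example (not from the manual or from NETGEAR): a Python check of the two conditions Table 52 describes, namely whether a flow falls inside a policy's Local and Remote addresses, and whether Auth and Encr agree with the remote endpoint's policy. The dictionary layout, the function names, the "a-b" range syntax, and the sample rows are assumptions constructed for illustration.

```python
import ipaddress

def parse_selector(text):
    """Bounds (first, last) of a single address, an 'a-b' range, or a subnet."""
    text = text.strip()
    if "-" in text:
        lo, hi = (ipaddress.ip_address(p.strip()) for p in text.split("-", 1))
        if lo.version != hi.version or lo > hi:
            raise ValueError(f"invalid range: {text}")
        return lo, hi
    # A bare address parses as a /32 (IPv4) or /128 (IPv6) network.
    net = ipaddress.ip_network(text, strict=False)
    return net[0], net[-1]

def in_selector(addr, selector):
    """True if addr lies inside the selector (same IP version required)."""
    lo, hi = parse_selector(selector)
    ip = ipaddress.ip_address(addr)
    return ip.version == lo.version and lo <= ip <= hi

def covered(policy, src, dst):
    """Traffic is covered when it runs Local->Remote or Remote->Local."""
    outbound = in_selector(src, policy["local"]) and in_selector(dst, policy["remote"])
    inbound = in_selector(src, policy["remote"]) and in_selector(dst, policy["local"])
    return outbound or inbound

def peer_mismatches(ours, theirs):
    """Fields that Table 52 says need to match the remote endpoint."""
    return [f for f in ("auth", "encr") if ours[f].lower() != theirs[f].lower()]

# Constructed sample rows; addresses and algorithm names are illustrative only.
SITE_A = {"name": "to-branch", "local": "192.168.1.0/24",
          "remote": "10.0.5.10-10.0.5.50", "auth": "SHA-1", "encr": "3DES"}
SITE_B = {"name": "to-hq", "local": "10.0.5.10-10.0.5.50",
          "remote": "192.168.1.0/24", "auth": "SHA-1", "encr": "AES-128"}

if __name__ == "__main__":
    flows = [("192.168.1.20", "10.0.5.12"),   # inside both selectors
             ("192.168.1.20", "10.0.5.60"),   # remote host outside the range
             ("192.168.2.20", "10.0.5.12")]   # local host outside the subnet
    for src, dst in flows:
        state = "covered" if covered(SITE_A, src, dst) else "NOT covered"
        print(f"{src} -> {dst}: {state} by {SITE_A['name']}")
    print("mismatched fields:", peer_mismatches(SITE_A, SITE_B))
```

A flow reported as not covered does not match this policy, so it is worth checking before assuming that the traffic is carried by the tunnel.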
To enable or disable one or more VPN policies:
1. Select the check box to the left of each policy that you want to enable or disable, or click the Select All table button to select all VPN policies.
2. Click the Enable or Disable table button.
For information about how to add or edit a VPN policy, see Manually Add or Edit a VPN Policy on this page.
Manually Add or Edit a VPN Policy
To manually add a VPN policy:
1. Select VPN > IPSec VPN > VPN Policies. The VPN Policies screen displays the IPv4 settings (see Figure 139 on page 226).
2. Under the List of VPN Policies table, click the Add table button. The Add New VPN Policy screen displays the IPv4 settings (see the next screen, Figure 140 on page 228).
3. Specify the IP version for which you want to add a VPN policy:
   - IPv4. In the upper right of the screen, the IPv4 radio button is already selected by default. Go to Step 4.
   - IPv6. Select the IPv6 radio button. The Add New VPN Policy screen for IPv6 displays (see Figure 141 on page 229).
Figure 140. Add New VPN Policy screen for IPv4
Figure 141. Add New VPN Policy screen for IPv6
4. Complete the settings as explained in the following table. The only differences between IPv4 and IPv6 settings are the subnet mask (IPv4) and prefix length (IPv6).
Table 53. Add New VPN Policy screen settings for IPv4 and IPv6

Setting: Description

General

Policy Name: A descriptive name of the VPN policy for identification and management purposes.
    Note: The name is not supplied to the remote VPN endpoint.

Policy Type: From the drop-down list, select one of the following policy types:
    - Auto Policy. Some settings (the ones in the Manual Policy Parameters section of the screen) for the VPN tunnel are generated automatically.
    - Manual Policy. All settings need to be specified manually, including the ones in the Manual Policy Parameters section of the screen.

Remote Endpoint: Select a radio button to specify how the remote endpoint is defined:
    - IP Address. Enter the IP address of the remote endpoint in the fields to the right of the radio button.
    - FQDN. Enter the FQDN of the remote endpoint in the field to the right of the radio button.

Enable NetBIOS?: Select this check box to enable NetBIOS broadcasts to travel over the VPN tunnel. For more information about NetBIOS, see Configure NetBIOS Bridging with IPSec VPN on page 256. This feature is disabled by default.

Enable Auto Initiate: Select this check box to enable the VPN tunnel to autoestablish itself without the presence of any traffic.
    Note: The direction and type of the IKE policy that is associated with this VPN policy need to be either Initiator or Both but cannot be Responder. For more information, see Manually Add or Edit an IKE Policy on page 219.

Enable Keepalive: Select a radio button to specify if keep-alive is enabled:
    - Yes. This feature is enabled: Periodically, the wireless VPN firewall sends keep-alive requests (ping packets) to the remote endpoint to keep the tunnel alive. You need to specify the ping IP address in the Ping IP Address field, the detection period in the Detection Period field, and the maximum number of keep-alive requests that the wireless VPN firewall sends in the Reconnect after failure count field.
    - No. This feature is disabled. This is the default setting.
    Note: See also Configure Keep-Alives and Dead Peer Detection on page 253.

    Ping IP Address: The IP address that the wireless VPN firewall pings. The address needs to be of a host that can respond to ICMP ping requests.

    Detection Period: The period in seconds between the keep-alive requests. The default setting is 10 seconds.

    Reconnect after failure count: The maximum number of keep-alive requests before the wireless VPN firewall tears down the connection and then attempts to reconnect to the remote endpoint. The default setting is 3 keep-alive requests.
