Owner`s manual

Continued
64
Remote Subnet. This is more than just labeling which host(s) you want to access on
the other network. As mentioned in item 4 it is paramount that you set this exactly
like the “local subnet” section. If not, level 2 of the VPN connection will fail and
trafc will not pass from one VPN segment to the other.
Description: We strongly encourage some documentation here.
Now that the basics for the routing have been established. We can now move to phase 1 of
the VPN authentication process.
Here, and even in phase 2, it is vital to ensure both VPN servers have EXACTLY the same
settings for all of these elds.
Negotiation mode: This is the type of authentication security that will be used.
Unless you are extremely concerned about security, leave this as aggressive. It is
signicantly faster and will ensure that your VPN tunnel will rebuild itself quickly
and probably won’t timeout an application if the tunnel was down when the
resource on the other end was requested.
My Identier: This is the key to probably 90% of problems where the VPN tunnel
is not established. Very simply, set your identier to something that isn’t going to
change. So if you leave it as My IP address, then make sure that IP is static and
persistent. If you use a DHCP assigned address then we suggest using domain name
instead. This is because the domain name can be completely your own, even if you
do not own the domain name.
5.
6.
1.
2.
Cortexa 7202 ConfIguratIon utIlIty