Manualshelf

User manual

ManualsBrandsSecure Computing ManualsComputer equipmentSG550
221222223224225226227228229230
Virtual Private Networking
226
Setup an IPSec tunnel between the secondary Internet IP Addresses (192.168.1.0/24 -
209.0.1.1 <-> 210.0.1.1 – 192.168.2.0/24). Default values are used in the configuration
unless otherwise specified below:
Headquarters SG configuration:
Tunnel name: SecondaryLink
Local interface: Internet port
Keying: Aggressive mode (IKE)
Local address: Static IP address
Remote address: Dynamic IP address
Route to remote endpoint: DMZ port's gateway
Remote required endpoint ID: secondary@branch
Local network: 192.168.1.0/255.255.255.0
Remote network: 192.168.2.0/255.255.255.0
Branch Office SG configuration:
Tunnel name: SecondaryLink
Enable this tunnel: Unchecked
Local interface: Default gateway interface
Keying: Aggressive mode (IKE)
Local optional endpoint ID: secondary@branch
The remote party's IP address: 209.0.1.1
Local network: 192.168.2.0/255.255.255.0
Setup an unused aliased IP address on the LAN interface of both the Headquarter and
Branch Office SGs. For example:
Headquarters SG configuration:
Alias IP address: 192.168.11.1
Alias subnet mask: 24
Branch office SG configuration:
Alias IP address: 192.168.12.1