Network Setup
100
Create an IPSec tunnel between Brisbane and Slough. Select IPSec from the VPN
section of the main menu and click New. For a complete overview of all available options
when setting up an IPSec tunnel, refer to the IPSec section earlier in this chapter.
Take note of the following important settings:
Set the local party as a single network behind this appliance. Set the remote party
as single network behind a gateway.
For the Slough end’s Phase 2 Settings, specify the Local Network as 10.254.0.1 /
255.255.255.255 and the Remote Network as 10.254.0.2 / 255.255.255.255. For the
Brisbane end’s Phase 2 Settings, specify the Local Network as 10.254.0.2 /
255.255.255.255 and the Remote Network as 10.254.0.1 / 255.255.255.255. Note the
32 bit netmasks (255.255.255.255) being used.
Create the GRE tunnel. Under the main Network Setup table, select GRE Tunnel and
click Add. For the Slough end, enter:
GRE Tunnel Name: to_bris
Remote Address: 10.254.0.2
Local Address: 10.254.0.1
Firewall Class: LAN
For the Brisbane end, enter:
GRE Tunnel Name: to_slough
Remote External Address: 10.254.0.1
Local External Address: 10.254.0.2
Firewall Class: LAN
Click Finish to add the interface. Edit the bridge interface that you added at the
beginning of these steps. Check Bridged for the GRE interface you have just added,
and select a Firewall Class of LAN. Click Finish.
At the Slough end, click Packet Filtering, the Custom Firewall Rules tab and add this
custom firewall rule:
iptables -I OUTPUT ! -o ipsec+ -d 10.254.0.2 -j DROP
Click Update.
To Next Page
Loading...
Need help?
General
