Virtual Private Networking Using IPSec Connections
161
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
• If the VPN policy is of a Manual Policy type, the settings that are specified in the
Manual Policy Parameters section of the Add New VPN Policy screen (see
Figure 107 on page 170) are accessed, and the first matching IKE policy is used to
start negotiations with the remote VPN gateway:
- If negotiations fail, the next matching IKE policy is used.
- If none of the matching IKE policies are acceptable to the remote VPN gateway,
then a VPN tunnel cannot be established.
2. An IKE session is established, using the security association (SA) settings that are specified
in a matching IKE policy:
• Keys and other settings are exchanged.
• An IPSec SA is established, using the settings that are specified in the VPN policy.
The VPN tunnel is then available for data transfer.
When you use the VPN Wizard to set up a VPN tunnel, an IKE policy is established and
populated in the List of IKE Policies, and is given the same name as the new VPN connection
name. You can also edit exiting policies or add new IKE policies from the IKE Policies screen.
IKE Policies Screen
To access the IKE Policies screen:
Select VPN > IPSec VPN. The IPSec VPN submenu tabs display, with the IKE Policies
screen in view (The following figure shows some examples).
Figure 104.
To Next Page
Loading...
