HOTSPOT GATEWAY
96 System Administration
Tunnel Peer Address
z Select a Peer IP Address from the pull-down menu with which this security
association is to be established.
z Must select a Peer if the policy is using ESP or AH.
z Able to select ‘none’ only if policy is a discard or bypass policy
Traffic Selector
Protocol
z To select a specific protocol via pull-down menu or protocol number
z Protocol numbers available at www.iana.org/assignments/protocol-numbers
The following settings define selectors of the Security Policy. All selectors must
match in order for the policy to be applied.
Remote End
z Remote End/ Peer IP setting - The IP address of the remote VPN server.
z Remote IP/Subnet - This is the IP address of the remote network secured by
the IPSec tunnel. The address could specify a host.
z Subnet Mask - This is the subnet mask of the remote network secured by the
IPSec tunnel.
z Remote Port – 0 is for all ports (only if protocol is UDP or TCP)
Local End
z Choice of using current Network Interface IP address or specifying a subnet -
Security Policy can derive the settings for the Local End from the current
Network IP settings of the unit.
z Local IP subnet - This is the IP address of the local network secured by the
IPSec tunnel. The address could specify a host.
z Subnet Mask - This is the subnet mask of the local network secured by the
IPSec tunnel. The address could specify a host.
z Local Port – 0 is for all ports (only if protocol is UDP or TCP)
To Next Page
Loading...
