Enter the local LAN subnets here. If you have defined static routes, they will be shown
here.
Using NAT, you can map a specific local network / IP address to another, and the packets
received by remote gateway will appear to be coming from the mapped network / IP
address. This allow you to establish IPsec connection to a remote site that has one or
more subnets overlapped with local site.
Two types of NAT policies can be defined:
One-to-One NAT policy: if the defined subnet in Local Network and NAT Network has the
same size, for example, policy "192.168.50.0/24 > 172.16.1.0/24" will translate the local
IP address 192.168.50.10 to 172.16.1.10 and 192.168.50.20 to 172.16.1.20. This is a
bidirectional mapping which means clients in remote site can initiate connection to the
local clients using the mapped address too.
Many-to-One NAT policy: if the defined NAT Network on the right hand side is an IP
address (or having a network prefix /32), for example, policy "192.168.1.0/24 >
172.168.50.1/32" will translate all clients in 192.168.1.0/24 network to 172.168.50.1. This
is a unidirectional mapping which means clients in remote site will not be able to initiate
connection to the local clients.
To access your VPN, clients will need to authenticate by your choice of methods. Choose
between the Preshared Key and X.509 Certificate methods of authentication.
To Next Page
Loading...
Need help?
General
