Configuring Advanced Site to Site Settings
R81.10.X Quantum Spark 1500, 1600, 1800, 1900, 2000 Appliances Locally Managed Administration Guide|352
Configuring Advanced Site to Site Settings
In the VPN > Site to Site Advanced page you can configure global advanced options that
define how the appliance connects to remote sites.
The configuration options on this page answer these configuration questions:
n
When to open a connection with a remote site - See "Configuring a Local Encryption
Domain" below. In addition, the remote site's encryption domain is configured per site.
See the VPN > Site to Site VPN Sites page.
n
How the appliance connects to remote sites - See "Configuring the Appliance's Outgoing
Interfaces for VPN usage below.
Configuring a Local Encryption Domain
In domain-based VPN, traffic is encrypted when it originates in one Encryption Domain and is
transmitted to a different domain.
The local Encryption Domain defines:
n
The internal networks that encrypted traffic from remote sites and networks can get
access.
n
That traffic from the Encryption Domain to remote sites is encrypted.
By default, the local encryption domain is determined automatically be the
appliance.Networks behind LAN interfaces and trusted wireless networks are part of the local
Encryption Domain. Optionally, you can manually create a local Encryption Domain if
necessary.
To configure a local Encryption Domain manually:
1. Click the link defined automatically according to topology.
2. Select Define local network topology manually.
3. Click Select to show the full list of available networks and select the applicable
checkboxes.
4. Click New if the existing list does not contain the necessary networks required.
For information on how to create a new network object, see the Users & Objects >
Network Objects page.
5. Click Apply.
The Site to Site Local Encryption Domain window opens and shows the services you selected.
To Next Page
Loading...
