EasyManua.ls Logo

Quantum SPARK 1500 - Configuring the Appliance Interfaces; Configuring the IKE ID Type for the Ikev2 Main Mode (MM) Negotiation with 3 Rd-Party VPN Peers

Quantum SPARK 1500
461 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Configuring Advanced Site to Site Settings
R81.10.X Quantum Spark 1500, 1600, 1800, 1900, 2000 Appliances Locally Managed Administration Guide|353
Configuring the Appliance Interfaces
Link Selection is used to:
n
Specify which interface is used for incoming and outgoing VPN traffic.
n
Determine the best possible path for the traffic.
In addition, with the Link Selection mechanisms, the administrator can select which source IP
addresses are used for VPN traffic.
The default configuration to select an outgoing interface and source IP address is for the
device to determine them automatically. Alternatively, you can change the default settings and
select other means to determine:
n
The appliance's outgoing interface
n
The appliance's source IP address
To configure the appliance's outgoing interfaces and source IP address for VPN:
1. In the Link Selection > Outgoing interface selection section, select a method to specify
the outgoing interface:
n
According to the routing table The OS's routing table finds the interface link with
the lowest metric (highest priority) through which to send traffic based on the
remote site's IP addresses.
n
Route based probing This method also consults the routing table for the link with
the lowest metric. But, before choosing an interface link to send traffic, all routing
possibilities are examined. This is to make sure that the link is active. The gateway
selects the best match (highest prefix length) active route with the lowest metric
(highest priority). This method is recommended when there is more than one
external interface.
2. In the Source IP address selection section, select an option to configure the source IP
address used by the Security Gateway, when it initiates or responds to VPN traffic. This
IP address is normally used by the remote sites to connect to this Security Gateway:
n
Automatically chosen according to outgoing interface.
n
Manually configured Enter an IP address that is always used as the source IP
address of a VPN tunnel.
Configuring the IKEID Type for the IKEv2 Main Mode (MM)
Negotiation with 3rd-party VPN Peers
Note - In the R81.10.X releases, this feature is available starting from the R81.10.10
version.

Table of Contents

Related product manuals