User Interface
R&S
®
GP-E/GP-S
113User Manual v16.2.1 ─ 01
If you do not enable local and remote identities, the connection will not provide a local
identity in the case of outgoing connections and will accept any remote identity (or
none) in the case of incoming connections respectively.
If you want the sites to identify each other correctly, the "Local Identity Type" and
"Local Identity" specified on one site have to match the "Remote Identity Type" and
"Remote Identity" on the other site.
You can only have one IPsec connection (C2S/S2S) per access zone if the connection
is configured without any local or remote identity.
The local and remote identities for connections within one access zone must be unique
for all IPsec C2S and S2S connections.
The buttons at the bottom right of the editor panel depend on whether you add a new
VPN IPsec C2S connection or edit an existing connection. For a newly configured con-
nection, click "Create" to add the connection to the list of available IPsec C2S connec-
tions or "Cancel" to discard your changes. To edit an existing connection, click "Close"
as long as no changes have been made, "Save" to store the reconfigured connection
or "Reset" to discard your changes.
Click "
Activate" in the toolbar at the top of the desktop to apply your configuration
changes.
If an IPsec connection is used in a firewall connection, the IPsec connection cannot be
deleted. Likewise, the selected access and local zones cannot be deleted as long as
the IPsec C2S connection exists.
For instructions on setting up an IPsec connection, see Chapter 4.12.1, "Setting Up a
Client-to-Site VPN via IPsec", on page 159.
IPsec Site-to-Site
Use the "Site-to-Site" settings to create a VPN connection which serves as a secure »
tunnel« between two remote networks.
Several local networks can be connected over an IPsec Site-to-Site VPN to remote
networks on another site. All IPsec packets coming in from another site will first be
decrypted and then sent through the firewall to the local zone. Outgoing packets go
through the firewall as well and will then be encrypted.
IPsec Site-to-Site Overview
Navigate to "VPN > IPsec > Site-to-Site" to display the list of IPsec Site-to-Site VPN
connections that are currently defined on the system in the item list bar.
In the expanded view, the columns of the table display the "Name" of the IPsec Site-to-
Site connection and the name of the IPsec "Profile" selected for this connection. The
Menu Reference
To Next Page
Loading...