Tunnel name: SecondaryLink
Enable this tunnel: Unchecked
Local interface: Default gateway interface
Keying: Aggressive mode (IKE)
Local optional endpoint ID: secondary@branch
The remote party's IP address: 209.0.1.1
Local network: 192.168.2.0/255.255.255.0
Setup an unused aliased IP address on the LAN interface of both the Headquarter and
Branch Office SGs. For example:
Headquarters SG configuration:
Alias IP address: 192.168.11.1
Alias subnet mask: 24
Branch office SG configuration:
Alias IP address: 192.168.12.1
Alias subnet mask: 24
Setup a Primary Link Test IPSec tunnel between the primary Internet IP Addresses
(192.168.11.0/32 - 209.0.0.1 <> 210.0.0.1 – 192.168.12.0/32). This will be used to
determine whether the Primary Link is back up in the failed over state. Default values are
used in the configuration unless otherwise specified below:
Headquarters SG configuration:
Tunnel name: PrimaryLinkTest
Local interface: Internet Port
Keying: Aggressive mode (IKE)
Local address: Static IP address
Remote address: Dynamic IP address
Route to remote endpoint: Internet port's gateway
Initiate phase 1 & 2 rekeying: Unchecked
Remote required endpoint ID: primarytest@branch
Phase 1 key lifetime (sec): 7200
240
Virtual Private Networking
To Next Page
Loading...
