•
Adding an IPSec VPN policy
Configuring the VPN tunnel
Complete the following procedure on both VPN gateways.
•
Go to VPN > IPSEC > Manual Key .
•
Click New to add a new manual key VPN tunnel.
•
Configure the VPN tunnel.
Enter a name for the tunnel. The name can contain alphabetic characters, numbers and some
VPN Tunnel
special characters like - and _. Spaces and the @ character are not allowed. If you are configuring
Name
a VPN between two DFL-1000 gateways, it is recommended that you use the same tunnel name
on both sides of the VPN.
(Secure Parameter Index) Enter a hexadecimal number of up to eight digit (digits can be 0 to 9, a
Local SPI
to f). This number must be added to the Remote SPI at the opposite end of the tunnel.
Enter a hexadecimal number of up to eight digits (digits can be 0 to 9, a to f). This number must be
Remote SPI
added to the Local SPI at the opposite end of the tunnel.
Remote
Enter the external IP address of the DFL-1000 or other IPSec gateway at the opposite end of the
Gateway
tunnel.
Encryption
Select one of the three algorithms (3DES, 3DES/MD5, or 3DES/SHA1) Use the same algorithm at
Algorithm
both ends of the tunnel.
Encryption Key Enter three hexadecimal numbers of up to 16 digits each (digits can be 0 to 9, a to f). Use the
same encryption key at both ends of the tunnel.
Enter an authentication key. If you selected 3DES/MD5 for the Encryption Algorithm, enter two
Authentication
hexadecimal numbers of 16 digits each. If you selected 3DES/SHA1 for the Encryption Algorithm,
Key
enter two hexadecimal numbers, one of 16 digits and one of 14 digits. Use the same
authentication key at both ends of the tunnel.
•
Click OK to save the manual key VPN tunnel.
Example manual key exchange VPN tunnel:
Adding internal and external addresses
Use the procedure
"See Adding internal and external addresses"
addresses used by the VPN policy.
DFL-1000 User's Manual
to configure the internal and external
55