the key expires, the VPN gateway and the client generate a new key without
interrupting service.
Authentication
Key
Enter up to 20 characters. The VPN gateway and clients must have the same
key.
ddcHH01887d
Complete the following procedure on the DFL-1000 VPN gateway.
•
Go to
VPN > IPSEC > Autokey IKE
.
•
Click New to add a new Autokey IKE VPN tunnel.
•
Enter the VPN Tunnel Name, Remote Gateway, Keylife, and Authentication Key.
•
Click OK to save the Autokey IKE VPN tunnel.
Adding internal and external addresses
The next step in configuring the VPN is to add the addresses of the VPN clients as well as the address of
the internal to the VPN gateway.
You do not have to add addresses for remote clients with dynamic IP addresses.
Example VPN Gateway IP Addresses
shows the internal and external addresses required for the VPN
Gateway shown in
Example VPN between an internal network and remote clients
Example VPN Gateway IP Addresses
Description
Example
Setting
Internal Address
Address
Name
The name to assign to the internal network that the VPN client can connect to.
Main_Office
IP address
192.168.1.0
Netmask
The IP address and netmask of the internal network that the VPN client can connect
to.
255.255.255.0
External Address
Address
Name
The name to assign to the VPN client.
VPN_Client
IP address
2.2.2.2
Netmask
The IP address and netmask of a VPN client with a static IP address (for example,
2.2.2.2). You do not have to add an address for a client with a dynamic IP address.
255.255.255.255
Complete the following procedure on the VPN gateway to add the internal and external IP addresses:
•
Go to
Firewall > Address > Internal
.
•
Click New to add a new internal address.
•
Enter an Address Name, IP Address and NetMask for the internal network.
•
Click OK to save the internal address.
•
Go to
Firewall > Address > External
.
•
Click New to add the static IP address of the client.
•
Enter an Address Name, IP Address, and NetMask for the VPN client.
•
Click OK to save the client address.
Adding an IPSec VPN policy
The VPN policy associates the source address of the internal network and the destination address of the
VPN client with the VPN tunnel created for the VPN client. The VPN gateway then starts up the VPN
tunnel whenever it receives packets from the VPN client. Once the VPN tunnel is established, all traffic
DFL-1000 User’s Manual
53