gw-world:/> add IPRule Action=Allow
Service=all_services
SourceInterface=lan
SourceNetwork=172.16.1.0/24
DestinationInterface=ipsec_hq_to_branch
DestinationNetwork=192.168.11.0/24
Name=hq_to_branch
ii. Add an IP rule to allow traffic to flow from remote to local network:
gw-world:/> add IPRule Action=Allow
Service=all_services
SourceInterface=ipsec_hq_to_branch
SourceNetwork=192.168.11.0/24
DestinationInterface=lan
DestinationNetwork=172.16.1.0/24
Name=branch_to_hq
D. Add a route that routes the remote network on the tunnel:
Change the context to be the routing table:
gw-world:/> cc RoutingTable main
Add the route:
gw-world:/main> add Route
Interface=ipsec_hq_to_branch
Network=192.168.11.0/24
Return to the default CLI context:
gw-world:/main> cc
gw-world:/>
Web Interface
A. Create a pre-shared key for IPsec authentication:
1.
Go to: Objects > Key Ring > Add > Pre-Shared Key
2.
Now enter:
•
Name:
my_secret_key
•
Shared Secret: Enter a secret passphrase
•
Confirm Secret: Enter the secret passphrase again
3.
Click OK
B. Configure the IPsec tunnel:
1.
Go to: Network > Interfaces and VPN > IPsec > Add > IPsec Tunnel
2.
Now enter:
•
Name: ipsec_hq_to_branch
Chapter 9: VPN
706
Summary of Contents for NetDefendOS
Page 30: ...Figure 1 3 Packet Flow Schematic Part III Chapter 1 NetDefendOS Overview 30 ...
Page 32: ...Chapter 1 NetDefendOS Overview 32 ...
Page 144: ...Chapter 2 Management and Maintenance 144 ...
Page 284: ...Chapter 3 Fundamentals 284 ...
Page 392: ...Chapter 4 Routing 392 ...
Page 419: ... Host 2001 DB8 1 MAC 00 90 12 13 14 15 5 Click OK Chapter 5 DHCP Services 419 ...
Page 420: ...Chapter 5 DHCP Services 420 ...
Page 573: ...Chapter 6 Security Mechanisms 573 ...
Page 607: ...Chapter 7 Address Translation 607 ...
Page 666: ...Chapter 8 User Authentication 666 ...
Page 775: ...Chapter 9 VPN 775 ...
Page 819: ...Chapter 10 Traffic Management 819 ...
Page 842: ...Chapter 11 High Availability 842 ...
Page 866: ...Default Enabled Chapter 13 Advanced Settings 866 ...
Page 879: ...Chapter 13 Advanced Settings 879 ...