<< Create an IPsec Proposal

Create an IPsec Policy (2 of 4) >>

 

Example 1: IPsec VPN, Site-to-Site

Create an IPsec Policy (Step 1 of 4)

 

You will need to create two IPsec policies on Site 1: one to exclude the address range in VLAN 7 and one to permit the rest of the addresses in VLAN 7. The policy to exclude must have a higher priority because it is more specific.

TMS zl Module A

TMS zl Module B

  1. Select VPN > IPsec > IPsec Policies.

  2. Click Add IPsec Policy.

  3. For Policy Name, type omitRANGE.

  4. For Action, select Ignore.

  5. For Direction, select Both.

  6. For Position, type 1.

  7. For Traffic Selector, configure these settings:

  1. For Protocol, select Any.

  1. For Local Address, select omitRANGE.

  1. For Remote Address, select researchFTP.

  1. Click Finish.

  2. Click Add IPsec Policy again.

  3. For Policy Name, type FTPvpn.

  4. Leave the Enable this policy check box selected.

  5. For Action, select Apply.

  6. The Direction field is inactive because you selected Apply in the previous step.

  7. For Position, type 2.

  8. For Traffic Selector, configure these settings:

  1. For Protocol, select TCP.

  1. For Local Address, select VLAN_7.

  2. Leave Local Port blank.

  3. For Remote Address, type researchFTP.

  4. For Remote Port, type 21.

  1. For Proposal, select TUesp3Dxcb.

  2. Click Next.

  1. Select VPN > IPsec > IPsec Policies.

  2. Click Add IPsec Policy.

  3. For Policy Name, type mainVPN.

  4. Leave the Enable this policy check box selected.

  5. For Action, select Apply.

  6. The Direction field is inactive because you selected Apply in the previous step.

  7. For Position, type 1.

  8. For Traffic Selector, configure these settings:

  1. For Protocol, select TCP.

  1. For Local Address, select FTPserver.

  2. For Local Port, type 21.

  1. For Remote Address, select VLAN_7.

  2. Leave Remote Port blank.

  1. For Proposal, select tuESP3dXCB.

  2. Click Next.

<< Create an IPsec Proposal

Create an IPsec Policy (2 of 4) >>