<< Configure GRE Tunnel

Create Firewall Access Policies >>

 

Example 4: GRE Tunnel, Site-to-Site

Create Named Objects

 

Before creating firewall access policies to permit the VPN traffic, it is a good idea to create named objects that contain the addresses and/or services that you will need.

For this example, you will need to create address objects for the local endpoints, the remote gateways, and a service object for GRE. The objects on each site can have any name that you want.

TMS zl Module A

TMS zl Module B

  1. Select Firewall > Access Policies > Addresses.

  2. Click Add an Address.

  3. Create a single-entry network address for VLAN50.

  1. For Name, type VLAN50.

  2. For Type, select Network.

  3. Select Single-entry and type 10.1.50.0/24.

  4. Click Apply.

  1. Create a single-entry network address for VLAN80.

  1. For Name, type VLAN80.

  2. For Type, select Network.

  3. Select Single-entry and type 10.1.80.0/24.

  4. Click Apply.

  1. Create a single-entry IP address for the external interface of Module A.

  1. For Name, type siteAinter.

  2. For Type, select IP.

  3. Select Single-entry and type 10.1.10.99.

  4. Click Apply.

  1. Create a single-entry IP address for the external interface of Module B.

  1. For Name, type siteBinter.

  2. For Type, select IP.

  3. Select Single-entry and type 10.1.20.44.

  4. Click Apply.

  5. Click Close.

  1. Create a service object for GRE.

  1. Click the Services tab.

  2. Click Add Service.

  3. For Name, type GRE.

  4. For Protocol, select (47) GRE.

  5. Click Apply.

  6. Click Close.

  1. Select Firewall > Access Policies > Addresses.

  2. Click Add an Address.

  3. Create a single-entry network address for VLAN80.

  1. For Name, type VLAN80.

  2. For Type, select Network.

  3. Select Single-entry and type 10.1.80.0/24.

  4. Click Apply.

  1. Create a single-entry network address for VLAN50.

  1. For Name, type VLAN50.

  2. For Type, select Network.

  3. Select Single-entry and type 10.1.50.0/24.

  4. Click Apply.

  1. Create a single-entry IP address for the external interface of Module B.

  1. For Name, type siteBinter.

  2. For Type, select IP.

  3. Select Single-entry and type 10.1.20.44.

  4. Click Apply.

  1. Create a single-entry IP address for the external interface of Module A.

  1. For Name, type siteAinter.

  2. For Type, select IP.

  3. Select Single-entry and type 10.1.10.99.

  4. Click Apply.

  5. Click Close.

  1. Create a service object for GRE.

  1. Click the Services tab.

  2. Click Add Service.

  3. For Name, type GRE.

  4. For Protocol, select (47) GRE.

  5. Click Apply.

  6. Click Close.

<< Configure GRE Tunnel

Create Firewall Access Policies >>