Title: How to configure Point-to-Point IPsec VPN on firewall? [Print this page] Author: zhangqiao@ruiji Time: 2024-11-28 10:05 Title: How to configure Point-to-Point IPsec VPN on firewall? Service Demands
As shown in Figure, Site A and Site B at both ends have fixed public IP addresses. A point-to-point IPsec VPN tunnel needs to be established between the LANs of the two sites to achieve secure mutual access.
The authentication mode should be pre-shared key, and the encapsulation mode should be the tunnel mode. In this way, both ends can initiate connections.
Restrictions and Guidelines
Currently, the RG-WALL 1600-Z series firewall supports only the IPsec IKEv1 protocol for the pre-shared key authentication and ESP tunnel mode for encapsulation. Prerequisites
You have completed basic network configurations for Site A and Site B, including interface IP addresses and default routes. Pay attention to the following point during configuration:
Ensure that the IP addresses of Site A and Site B are fixed.
Using a Configuration Wizard
Configuring Site A
(1) Perform basic configuration.
(a) Choose Network> IPsec VPN > Config Wizard. The basic configuration page of the configuration wizard is displayed.
(b) Set Scenario to Point-to-Point, and set the other parameters according to the following figure.
(c) After completiong the configuration, click Next.
(2) Configure authentication.
(a) Configure parameters according to the following figure.
(b) After completing the configuration, click Next.
(3) Configure interesting traffic.
(a) Click Create. Configure parameters for interesting traffic according to the following figure.
(b) After completing the configuration, click Next.
(4) Verify configuration.
(a) After verifying the configuration, click Finish.
Configuring Site B
(1) Perform basic configuration.
(a) Choose Network> IPsec VPN > Config Wizard. The basic configuration page of the configuration wizard is displayed.
(b) Set Scenario to Point-to-Point, and set the other parameters according to the following figure.
(c) After completing the configuration, click Next.
(2) Configure authentication.
(a) Configure parameters according to the following figure.
(b) After completing the configuration, click Next.
(3) Configure interesting traffic.
(a) Click Create. Configure parameters forinteresting traffic according to the following figure.
(b) After completing the configuration, click Next.
(4) Verify configuration.
(a) After verifying the configuration, click Finish.
Welcome to Ruijie Community (https://community.ruijienetworks.com/)
