|
web_gui:vpn_connection [2010/11/19 16:08] mats |
web_gui:vpn_connection [2010/11/24 09:49] (current) mats |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| ====== VPN Connection Settings ====== | ====== VPN Connection Settings ====== | ||
| - | After clicking “Add connection" the “VPN Connection Settings" page appears. These are the configurations describing the IPSec tunnel you want to establish between your LAN and the remote network. | + | After clicking “Add connection" (in the [[web_gui:vpn_advanced|IPSec - Overview, Advanced]] page) the “VPN Connection Settings" page appears. These are the configurations describing the IPSec tunnel you want to establish between your LAN and the remote network. |
| Many of the fields are pre-configured to suit most common IPSec applications. Some other fields are empty and must be filled in by you before Apply-ing the page: | Many of the fields are pre-configured to suit most common IPSec applications. Some other fields are empty and must be filled in by you before Apply-ing the page: | ||
| Line 26: | Line 26: | ||
| **Processing**: | **Processing**: | ||
| - | * //Apply IPSec// Packets matching the packet selectors shall be processed according to the security algorithms. This choice is the preferred one in almost all cases. | + | * //Apply IPSec//: Packets matching the packet selectors shall be processed according to the security algorithms. This choice is the preferred one in almost all cases. |
| - | * //Bypass// Packets matching the packet selectors shall not by processed by IPSec, but forwarded through the firewall. | + | * //Bypass//: Packets matching the packet selectors shall not by processed by IPSec, but forwarded through the firewall. |
| - | * //Discard// Packets matching the packet selectors shall be ignored, deleted. | + | * //Discard//: Packets matching the packet selectors shall be ignored, deleted. |
| **Order (priority)** When packets arrive the packet selector of the connection with the lowest order number (among all peers) will be checked first, then the second lowest and so on until a match is found. | **Order (priority)** When packets arrive the packet selector of the connection with the lowest order number (among all peers) will be checked first, then the second lowest and so on until a match is found. | ||
| Line 69: | Line 69: | ||
| If the NAT IP Address field is empty your Internet Gate's own IP address is used (recommended). | If the NAT IP Address field is empty your Internet Gate's own IP address is used (recommended). | ||
| If you for some reason do not want to use that global IP then you can enter any fake IP address to be used. | If you for some reason do not want to use that global IP then you can enter any fake IP address to be used. | ||
| - | Make sure the IP address is not on a subnet used at the remote IPSec gateway, nor any real IP address used on the Internet. [[wp>NAT]] | + | Make sure the IP address is not on a subnet used at the remote IPSec gateway, nor any real IP address used on the Internet. |
| + | See also [[vpn:easyclient|EasyClient]]. [[wp>NAT]] | ||
| **Enable** Here you enable this special mode. | **Enable** Here you enable this special mode. | ||
| Line 109: | Line 110: | ||
| **Life time** A new IKE key exchange is performed after the specified time (in seconds) has passed. | **Life time** A new IKE key exchange is performed after the specified time (in seconds) has passed. | ||
| + | ====== ====== | ||
| + | \\ | ||
| + | [[vpn:start|VPN Overview]] | ||
