To configure an IPsec VPN

Note: The NFM-P does not support IPsec VPN creation when language localization is enabled.

See Localized language support in Chapter 1, NFM-P GUI for information.

Steps
 

Choose Manage→Service→IPsec from the NFM-P main menu. The Manage IPsec VPNs form opens.


Click Create. The IPsec VPN (Create) step form opens with the Create IPsec VPN step displayed.


Configure the parameters in the IPsec VPN panel.


Specify a corporate service.

Use the following steps:

  1. Configure the Service Type parameter.

  2. Select a corporate service in the Corporate Service panel.


Configure the Link Corporate and Secured Service parameter in the Composite Service panel.


Click Next. The Select Service Sites step form is displayed.


Click Create to select the IPsec VPN service sites.


Click Next. The Create/Select Secure VPRN Service step form is displayed.


Perform one of the following.

  1. Click Select Service to select a service, and configure the parameters on the Service Site tab.

  2. Click Create Service to create a service, and configure the parameters on the Service and Service Site tabs.

  3. Click Create Service from Template and select a service.

    Note: The template must be configured for one site. The template cannot be used if the template is configured for multiple sites.


10 

Click Next. The Create/Select Delivery Service(s) step form is displayed.


11 
CAUTION 

CAUTION

Service Disruption

Service Disruption

When you remove a service, the service is removed without confirmation and cannot be restored.

Perform one of the following.

  1. To select a delivery service, click Select Service, select a service, and configure the parameters on the Service Site tab.

  2. To create a delivery service, click Create Service, choose IES or VPRN, and configure the parameters on the Service and Service Site tabs.

  3. To create a service from a template, click Create Service from Template, choose VPRN Templates or IES Templates, and select a template.

    Note: The template must be configured for one site. The template cannot be used if the template is configured for multiple sites.

  4. To remove a service, click Remove Service, select a service, and click Remove Service.


12 

Click Next. The Tunnel Group Selection step form is displayed.


13 

Configure each parameter that has a field with a yellow background by clicking in the field and entering a value or choosing an option.

Note: The parameters are not included in the XML model. However, using the OSS interface, you can create the ServiceSiteStructs and can create the IPsec VPN objects in the ServiceSiteStructs.


14 

Click Next. The Create Policy step form opens.


15 

Perform one of the following, depending on the Tunnel Type parameter setting in Step 13.

  1. If the parameter is set to Dynamic (Site-to-Site), perform To assign policies and configurations for a dynamic site-to-site IPsec VPN.

  2. If the parameter is set to Dynamic (Soft Client), perform To assign policies and configurations for a dynamic soft client IPsec VPN.

  3. If the parameter is set to Static, perform To assign policies and configurations for a static IPsec VPN.

End of steps