To assign policies and configurations for a static IPsec VPN

Purpose

Perform this procedure if the Tunnel Type parameter in Step 13 of To configure an IPsec VPN is set to Static.

Steps
 

Select an IPsec tunnel template.


Configure the required parameters.


If you set the Keying parameter to Manual, configure the parameters in the Manual Keying - Inbound and Manual Keying - Outbound panels.


Select an IPsec transform policy.


Configure the Auto-Establish parameter.

Note: The Auto-Establish parameter is configurable only if dynamic keying is enabled.


Click Finish.

The NFM-P performs the following:

  • creates a secure VPRN service and sites

    • creates the IPsec security policy

    • creates a tunnel interface

    • assigns a tunnel group with an auto-generated outer encapsulation as a private SAP

    • creates the IPsec tunnel

    • assigns the security policy to the tunnel

    • configures the local and remote gateway addresses

    • configures the delivery service

    • configures the replay window

    • configures the keying

    • if set, enables auto-establish

    • configures the static route

    • configures the service name

  • creates the IES or VPRN delivery service and sites

    • creates an access interface

    • assigns a tunnel group with an auto-generated outer encapsulation as a public SAP

    • configures the IP address of the SAP

    • configures the service name

  • if the Link Corporate and Secure Service parameter is enabled, creates a composite service that contains the corporate and secure services


To view the IPsec VPN, click View the newly created IPsec Secured VPN. The IPsec VPN (Create) step form closes, and the IPsec VPN form opens.


Close the forms.

End of steps