Creating a Local Security Gateway Profile

Next: Creating a Remote Security Up: Security Gateways Previous: Security Gateways Contents

Creating a Local Security Gateway Profile

To create a new Local Security Gateway click the New Local Security Gateway link. A pop-up window will appear with the configuration page.

$\includegraphics{images/VPN-SG-local-main.eps}$

Device

If you are performing IPsec on more then one interface, select the interface this profile is describing from the drop-down.

Gateway Name

This is a symbolic name by this profile will be referenced later on. It should describe the characteristics of the profile. If this profile has a Local Network and is using RSA authorization, an example Profile Name is local-subnet-rsa.

IP Address

The IP address for the profile.

Gateway

The "default route", or the machine that this machine must route packets to.

Local Secure LAN

If this profile is to allow access to a Secure LAN, select the Secure Lan from this drop-down.

Identification

This is the identity this machine should announce itself as. If you are used Shared Key authentication then this should be "IP Address". If you are using RSA Signature authentication then this should be "Certificate". If you would like to specify your own, custom identity select "Other:" and enter one in the box provided.

Certificate

This is the certificate (and corresponding key) this Secure Gateway should be. Normally this will be a Host Certificate from your local CA, or a Remote Certificate you uploaded from another machine.

You only need to select a Certificate if you would like to use RSA Authentication.

When you are done entering your configuration, click the "Create Profile" button.

An example configuration:

$\resizebox*{3.5in}{!}{\includegraphics{images/Figure2.eps}}$

$\includegraphics{images/VPN-SG-local-add.eps}$

Next: Creating a Remote Security Up: Security Gateways Previous: Security Gateways Contents

09-09