Hi,
I'm new to configuring NS devices and VPNs.
My network layout is:
(t)NS5gt(u)<--->WLAN bridge<--->WLAN bridge<--->(u)NS5gt(t)
I want to set up a VPN between my two sites, which are interconnected with WLAN bridges. I have 3 different subnets.
For tests I use a cross-over cable instead of the WLAN bridge.
My questions are:
1- What is the most secure method to implement, policy-based or route-based VPN?
2- I have successfully configured the example of a policy-based site-to-site VPN with Manual Key in C&E, but the AutoKey IKE case didn't work.
I have configured the following:
VPNs > AutoKey Advanced > Gateway > New: Enter the following, and then click OK:
Gateway Name: To_Paris
Security Level: Custom
Remote Gateway Type:
Static IP Address: (select), IP Address/Hostname: 2.2.2.2
Preshared Key: h1p8A24nG5
Outgoing Interface: ethernet3
> Advanced: Enter the following advanced settings, and then click OK to return to the basic Gateway configuration page:
Security Level: Custom
Phase 1 Proposal (For Custom Security Level):
pre-g2-3des-sha
Mode (Initiator): Main (ID Protection)
VPNs > AutoKey IKE > New: Enter the following, and then click OK:
VPN Name: Tokyo_Paris
Security Level: Compatible
Remote Gateway: Predefined: (select), To_Paris
I use debug ike all, but I didn't see any info in the console. How can I see that?
From inside the trust zone of site A I can ping the untrust zone of site B, but I can't ping the trust zone of site B.
3- I have 3 subnets in the two sites. What do I have to configure to forward traffic from the 3 subnets in the VPN?
Could someone give me some help?
Thanks
Best Regards