Help - VPN Policies

This screen allows you to manage VPN policies.

  • Traffic covered by an enabled policy will automatically be sent via a VPN tunnel. If the VPN tunnel does not exist, it will be created.
  • Where traffic is covered by 2 or more policies, the first matching policy will be used.
    (In this situation, the order of the policies is important. However, if you only have 1 policy for each remote VPN Endpoint, then the policy order is not important.)
  • The VPN tunnel is created according to the parameters in the SA (Security Association).
  • The remote VPN Endpoint must have a matching SA, or it will refuse the connection.
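
The first-match rule above can be checked offline before policies are saved. The following is an added example, not part of the device or its help text: it models the Policy Table columns described on this page and reports policies that can never be used because an earlier enabled policy already covers all of their traffic. The policy names, addresses and ESP values are constructed sample data.

```python
from ipaddress import ip_address, ip_network
from typing import NamedTuple, Optional

class Policy(NamedTuple):          # mirrors the Policy Table columns
    name: str
    enabled: bool
    endpoint: str
    local_lan: str                 # IP address or subnet
    remote_lan: str                # IP address or subnet
    esp: str

def covers(p: Policy, a: str, b: str) -> bool:
    """True if enabled policy p covers traffic between a and b (either direction)."""
    local, remote = ip_network(p.local_lan), ip_network(p.remote_lan)
    x, y = ip_address(a), ip_address(b)
    return p.enabled and ((x in local and y in remote) or (y in local and x in remote))

def select_policy(table: list, a: str, b: str) -> Optional[Policy]:
    """The first matching policy in table order is the one used."""
    return next((p for p in table if covers(p, a, b)), None)

def shadowed(table: list) -> list:
    """(earlier, later) name pairs where the later enabled policy can never match."""
    active = [p for p in table if p.enabled]
    pairs = []
    for i, later in enumerate(active):
        for earlier in active[:i]:
            if (ip_network(later.local_lan).subnet_of(ip_network(earlier.local_lan))
                    and ip_network(later.remote_lan).subnet_of(ip_network(earlier.remote_lan))):
                pairs.append((earlier.name, later.name))
                break
    return pairs

# Constructed sample table: private/documentation addresses, made-up names and ESP values.
TABLE = [
    Policy("site-general", True, "203.0.113.10", "192.168.1.0/24", "10.0.0.0/8", "3DES"),
    Policy("site-finance", True, "203.0.113.10", "192.168.1.0/24", "10.20.30.0/24", "AES"),
    Policy("old-lab", False, "203.0.113.10", "192.168.1.0/24", "10.20.0.0/16", "DES"),
]
REORDERED = [TABLE[1], TABLE[0], TABLE[2]]   # narrower policy moved to the top

if __name__ == "__main__":
    print(select_policy(TABLE, "192.168.1.5", "10.20.30.7").name)
    print(shadowed(TABLE))
    print(select_policy(REORDERED, "192.168.1.5", "10.20.30.7").name)
    print(shadowed(REORDERED))
```

In the sample table the narrower "site-finance" policy is never used until it is moved above the broader one, so its ESP setting would not apply to the traffic it was written for.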

There are 2 types of VPN Policies:

  • Manual - All settings (including the keys) for the VPN tunnel are manually input at each end (both VPN Endpoints).
  • Auto - Some parameters for the VPN tunnel are generated automatically. This requires using the IKE (Internet Key Exchange) protocol to perform negotiations between the 2 VPN Endpoints.

Data
Policy Table - The Policy Table contains the following data:
  • Enable - Use this checkbox to Enable or Disable a Policy as required. Click "Save" after making any changes.
  • Name - Each policy is given a unique name to identify it. This name is not known to the remote VPN endpoint; it is used only to assist managing your policies.
  • Endpoint - The address of the remote VPN endpoint.
  • Type - The Type is "Auto" or "Manual" as explained above.
  • Local LAN - IP address or subnet on your local LAN. Traffic must be from (or to) these addresses to be covered by this policy.
  • Remote LAN - IP address or subnet on the remote LAN. Traffic must be to (or from) these addresses to be covered by this policy.
  • ESP - ESP (Encapsulating Security Payload) encryption protocol used for the VPN data.

Buttons
  • Save - Save any changes to the "Enable" setting for each policy.
  • Edit - Edit (modify) the selected policy. (Select a policy by clicking on the radio button.)
  • Delete - Delete the selected policy. (Select a policy by clicking on the radio button.)
  • Add Auto Policy - Change to the input screen for an "Auto" policy. When the new policy is saved, it will appear in the bottom row of the Policy Table.
  • Add Manual Policy - Change to the input screen for a "Manual" policy. When the new policy is saved, it will appear in the bottom row of the Policy Table.
  • VPN Status - View details of each current VPN Tunnel in a sub-window. You also have the option of viewing the VPN Log.