ICR-1601
137
Operation Mode
1. A Must fill setting
2. Always on is
selected by default
Define operation mode for the IPSec Tunnel. It can be Always On, or Failover.
If this tunnel is set as a failover tunnel, you need to further select a primary
tunnel from which to failover to.
Note: Failover mode is not available for the gateway with single WAN.
Encapsulation
Protocol
1. A Must fill setting
2. ESP is selected by
default
Select the Encapsulation Protocol from the dropdown box for this IPSec
tunnel. Available encapsulations are ESP and AH.
Local & Remote Configuration Window
Item
Value setting
Description
Local Subnet List
A Must fill setting
Specify the Local Subnet IP address and Subnet Mask.
Click the Add or Delete button to add or delete a Local Subnet.
Note_1: When Host-to-Site or Host-to-Host option in Tunnel Scenario is
selected, Local Subnet will not be available.
Note_2: When Hub and Spoke option in Hub and Spoke is selected, there will
be only one subnet available.
Redirect Traffic
Unchecked by
default
Click Enable box to activate the Redirect Traffic function.
Note: Redirect Traffic is available only for Host-to-Site specified in Tunnel
Scenario. By default, it is disabled, so it can prevent the un-expected and
dangerous access to the peer subnet. If you enable such function, all the
network devices behind the VPN host (actually, it is an NAT router) can access
to the peer subnet with the host IP.