When the IPSec client connects to the IPSec VPN gateway, the DFL-500 accepts IPSec VPN
connections from the internal network and performs network address translation on them. The VPN
packets are forwarded to the destination IPSec VPN gateway with a source address of the external
interface of the DFL-500.
IPSec network to network pass through
IPSec network to network VPN pass through
, the DFL-500 that is configured for
IPSec pass through allows the DFL-500 internal IPSec VPN gateway to connect to the DFL-500-400 Internet
IPSec VPN gateway.
You can substitute any suitable DFL-500 product for the IPSec VPN gateways. One or both of these IPSec
VPN gateways could also be a third-party VPN gateway.
Use the following procedures to configure the internal IPSec VPN gateway, the Internet IPSec VPN gateway,
and the DFL-500 that will be passed through.
Configure the internal IPSec VPN gateway
Create the following configuration on the internal IPSec VPN gateway:
·
Configure the internal IPSec VPN gateway to connect to the Internet IPSec VPN gateway as if the
internal gateway is connected directly to the Internet. For more information, see
. or
Manual key IPSec VPN between two networks
·
Go to
System > Network > IP Address
and set the default gateway of the internal IPSec VPN gateway
to 192.168.1.1, which is the IP address of the internal interface of the DFL-500 to be passed
through.IPSec network to network VPN pass through
DFL-500 User Manual
72