VPN
Configuring the Site-to-Site VPN
Cisco ISA500 Series Integrated Security Appliance Administrator Guide
247
8
•
(Optional) Import the certificate for authentication between two peers. Skip
this step if you want to use the pre-shared key for authentication. See
Managing the Certificates for Authentication, page 310
•
Enable the Site-to-Site VPN feature on your security appliance. See
General Site-to-Site VPN Settings, page 247
.
•
Configure the IPSec IKE policies. See
Configuring the IPSec IKE Policies,
•
Configure the IPSec Transform policies. See
•
Configure the IPSec VPN policies. See
.
•
Check the box of an enabled IPSec VPN policy, and then click
Connect
to
initiate the IPSec VPN connection.
•
Check the status and statistic information for IPSec VPN tunnels. See
Monitoring the IPSec VPN Status, page 269
General Site-to-Site VPN Settings
STEP 1
Click
VPN -> Site-to-Site -> IPSec Policies
.
The IPSec Policies window opens. All existing IPSec VPN policies are listed in the
table. You can check the following information of an IPSec VPN policy:
•
Name:
The name of the IPSec VPN policy.
•
Enable:
Shows that the IPSec VPN policy is enabled or disabled.
•
Status:
Shows if the IPSec VPN tunnel is connected or disconnected.
•
WAN Interface:
The WAN interface that the traffic over the IPSec VPN tunnel
passes through.
•
Peers:
The IP address of the remote peer.
•
Zone Access:
The zone to which the remote peer can access.
•
Local:
The local network of the local peer.
•
Remote:
The remote network of the remote peer.
•
Policy:
The IKE policy used for the IPSec VPN policy.