Cisco Systems ISA550 Manual De Usuario
VPN
Configuring a Site-to-Site VPN
Cisco ISA500 Series Integrated Security Appliances Administration Guide
341
8
Configuration Tasks to Establish a Site-to-Site VPN Tunnel
To establish a site-to-site VPN tunnel, complete the following configuration tasks:
•
Add the subnet IP address objects for your local network and remote
network. See
network. See
•
(Optional) Import the certificates for authentication between two peers.
Skip this step if you want to use the pre-shared key for authentication. See
Skip this step if you want to use the pre-shared key for authentication. See
.
•
Enable the site-to-site VPN feature on the security appliance. See
•
Configure IKE policies. See
.
•
Configure transform policies. See
.
•
Configure IPsec VPN policies. See
•
(Optional) Check an enabled IPsec VPN policy and click the Connect icon
to initiate the VPN connection.
to initiate the VPN connection.
When a site-to-site IPsec VPN policy is in place and enabled, a connection
will be triggered by any traffic that matches the policy. In this case, the VPN
tunnel will be set up automatically. However, for an IPsec VPN policy in which
this router’s Remote Network is set to Any (a “site-to-any” tunnel), a
connection cannot be set up automatically. Instead you must manually
establish the VPN connection by clicking the Connect icon.
will be triggered by any traffic that matches the policy. In this case, the VPN
tunnel will be set up automatically. However, for an IPsec VPN policy in which
this router’s Remote Network is set to Any (a “site-to-any” tunnel), a
connection cannot be set up automatically. Instead you must manually
establish the VPN connection by clicking the Connect icon.
•
View the status and statistic information for all IPsec VPN sessions. See
.
General Site-to-Site VPN Settings
STEP 1
Click VPN > Site-to-Site > IPsec Policies.
The IPsec Policies window opens. All existing IPsec VPN policies are listed in the
table. The following information is displayed:
table. The following information is displayed:
•
Name: The name of the IPsec VPN policy.
•
Enable: Shows if the IPsec VPN policy is enabled or disabled.
•
Status: Shows if the IPsec VPN tunnel is connected or disconnected.