Thread: Site to Site VPN tunnel using NGX(R50)
View Single Post
  #2 (permalink)  
Old 2005-10-24
rasberrystolli rasberrystolli is offline
Junior Member
  
Join Date: 2005-09-29
Posts: 7
Rep Power: 0
rasberrystolli has an average reputation (10+)
Default Re: Site to Site VPN tunnel using NGX(R50)
VPN Setup

What you need to know
• Remote site external gateway (ISP)
• What networks they will allow you to get to
• Create a network object for the remote site’s network. If more than one network create a network group.
• Create an interoperable device. Use this because it doesn’t have to be a checkpoint firewall on the other end. If you use checkpoint firewall you have to specify the version. If this version changes the VPN will break.
• Create interoperable device and specify their remote gateway. Manually define the vpn domain. Put in the remote access group you just created for the remote network. Your firewall also has to have vpn domain manually.
• Create a VPN community add participating gateways- your firewall and theirs
• VPN properties
• VPN – advanced- disable NAT (what ever you use it must match theirs)
• Key exchange AES-256 SHA1 (what ever you use it must match theirs)
• Shared secret click and use shared secret for all external members. Click edit. Enter secret xxxxxx (make complicated) must be the same at each site.
• Set up rules
• Source (your network group and theirs) destination (your network group and theirs) VPN add your VPN community Service Any
• Push policy
Reply With Quote