Symantec 360R Administration Guide - Page 89

Establishing secure VPN connections 89 Configuring Gateway-to-Gateway tunnels The appliance supports Gateway-to-Gateway tunnel configurations. A Gatewayto-Gateway configuration is created when two security gateways are connected, through an internal network, or the Internet, from WAN port to WAN port. Figure 6-1 Gateway-to-Gateway VPN tunnel configuration This type of network configuration usually connects two subnets on the same network, or as shown in Figure 6-1, two remote offices through the Internet. Once a VPN tunnel is established, users protected by a security gateway at one site can establish a tunneled connection to the security gateway protecting the remotely located site. The remote user can connect to and access the resources of the private network as if the remote workstation was physically located inside the protected network. The Symantec Gateway Security 300 Series can connect to another Symantec Gateway Security 300 Series appliance or to one of the following appliances: ■ Symantec Gateway Security 5400 Series ■ Symantec Firewall/VPN Appliance Symantec Gateway Security 300 Series security gateways support creating a VPN tunnel to up to five remote subnets behind Symantec Enterprise Firewall or Symantec Gateway Security 5400 Series appliances, but not to another Symantec Gateway Security 300 Series appliance or Symantec Firewall/VPN Appliance. Tunnels between two Symantec Gateway Security 300 Series appliances are only made to the subnet on the LAN side of the appliance and only support the first set (subnet/mask) of the five sets of fields, which you define on the VPN > Dynamic Tunnels or VPN > Static Tunnels tabs.