Cisco SA520-K9 Administration Guide - Page 153
Configuring IPsec Passthrough, Configuring a Dynamic IP Range
UPC - 882658266744
View all Cisco SA520-K9 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 153 highlights
Configuring VPN Advanced Configuration of IPsec VPN 7 • To configure IPsec passthrough, click IPsec > Passthrough. For more information, see Configuring IPsec Passthrough, page 153. • To configure a range for a dynamic IP address, see Configuring a Dynamic IP Range, page 153. • To add the users for remote access VPN, see Configuring the User Database for the IPsec Remote Access VPN, page 142. • If you enabled rollover, be sure to configure Dynamic DNS. See Dynamic DNS, page 76. Configuring IPsec Passthrough You need to configure IPsec passthrough if there are devices behind the security appliance that need to set up IPsec tunnels independently, for example, to connect to another router on the WAN. STEP 1 Click VPN > IPsec > Passthrough. The Passthrough window opens. STEP 2 Check the box for each type of traffic that you want to allow to pass through the VPN tunnel. STEP 3 Click Apply to save your settings. Configuring a Dynamic IP Range The IP address is defined by the Dynamic IP Range and is automatically set by default. However, you can use the Dynamic IP Range page to manually specify a starting and ending range for the IP address. The Dynamic IP Range is used by IPsec VPN clients connecting to the router using Mode- Config. NOTE If you are creating a VPN policy and want to change the dynamic IP address, change it before you create the policy. Otherwise, the changes will not take affect. STEP 1 Click VPN > IPsec > Dynamic IP Range. The Dynamic IP Range window opens. STEP 2 Enter a Start IP range and End IP range for the IP address. Cisco SA500 Series Security Appliances Administration Guide 153