How route-based VPNs work
Devices that provide VPN access are called VPN gateways. With route-based VPNs, you can create only site-to-site VPN tunnels between gateway devices.
There are two general types of VPN gateways in the SMC:
- VPN Gateway elements are NGFW Engines that are managed by the Management Server and administrative Domain you are currently connected to with your Management Client.
- All other gateway devices are External VPN Gateway elements. NGFW Engines that are managed by a different Management Server or administrative Domain are also External VPN Gateway elements.
Due to the various authentication and encryption methods that the IPsec protocol supports, the number of settings is rather high. To reduce configuration work, you can use reusable profiles for storing different types of settings. These and other elements related to route-based VPN configurations are pictured in this illustration.