Define VPN topology for policy-based VPNs
For a valid policy-based VPN, you must have at least two gateways in the VPN. At least one of the gateways must be listed as a central gateway. The satellite gateways list can be left empty (for a full-mesh topology).
- Which gateways are included in the VPN.
- Which gateways form tunnels with each other.
- Which gateways contact each other through a hub gateway instead of contacting each other directly.
You define general VPN topology by classifying gateways as Central Gateways or Satellite Gateways. This classification defines which tunnels are generated on the Tunnels tab, and which gateways can be selected for mobile VPN access on the Mobile VPN tab.
IPv4 Access rules control which connections use the VPN tunnels. Always check the Access rules after you add or remove tunnels.
For more details about the product and how to configure features, click Help or press F1.
Steps
Issues pane (Policy-Based VPN editing view)
Use this pane to view and solve VPN issues.
Option | Definition |
---|---|
Description | A description of the issue and recommendations for troubleshooting. |
Gateway A | The name of the VPN Gateway element. |
Endpoint A | The IP address of VPN endpoint A. |
Gateway B | The name of the VPN Gateway element or the External VPN Gateway element. |
Endpoint B | The IP address of VPN endpoint B. |