You must add a Policy-Based VPN element for this configuration.
Before you begin
You must have a custom VPN Profile element for configuration 3.
Note: This configuration scenario does not explain all settings related to Policy-Based VPN elements.
For more details about the product and how to configure features, click Help or press F1.
Steps
-
Select Configuration, then browse to SD-WAN.
-
Right-click Policy-Based VPNs in the element tree, then select New Policy-Based
VPN.
-
In the
Name field, enter a unique name.
-
From the Default VPN Profile drop-down list, select the custom VPN Profile that you created.
-
Select
Apply NAT Rules to Traffic That Uses This VPN.
This option applies the NAT rules in the policy and the global NAT definition for the Firewall.
-
Click
OK.
The
VPN Editing view opens on the
Site-to-Site VPN tab.
-
Drag and drop the VPN Gateway element that represents the firewall to
Central Gateways.
-
On the
Mobile VPN tab, select
Only central Gateways from overall topology to define which VPN Gateways provide Mobile VPN access.
-
On the Tunnels tab, make sure that the Validity column in the Gateway<->Gateway and the
End-Point<->End-Point tables has a green check mark to indicate that there are no problems.
-
If the Validity column of a tunnel has a warning icon, see the Issues pane to check what the problem is. If the pane is not
shown, select .
-
If issues are shown, correct them as indicated. Long issues are easiest to read by hovering over the issue text so that the text is shown as a tooltip.
-
Click Save.
Next steps
Create User elements.