Defining Tunnel Creation Methods in NSM
You can use different ways
to create the tunnel. They are:
Using VPN Manager
When adding a VPN using the VPN Manager, you enter
the VPN members, gateways, IKE properties, and VPN topology, and then
autogenerate the VPN rules that create the VPN. You can inspect the
VPN rules and override any VPN property before sending the VPN configuration
to your devices.
You can choose the VPN type that best matches your
VPN requirements. Table 1 describes
the VPN types that match your VPN requirements.
Table 1: VPN Types
VPN Types
|
Description
|
Autokey IKE VPN
|
Use to authenticate and encrypt traffic between devices and/or
protected resources. An Autokey IKE VPN supports:
- Mixed-mode VPNs (policy-based members and route-based
members)
- Policy-based VPNs
- Route-based VPNs
- ESP and AH Authentication
- ESP AutoKey IKE Encryption
- IP traffic
- Tunnels between devices (routing-based) and protected
resources (policy-based)
|
Autokey IKE RAS VPN
|
Use to authenticate and encrypt traffic between remote users
and protected resources. An Autokey IKE RAS VPN supports:
- Policy-based VPNs
- ESP and AH Authentication
- ESP AutoKey IKE Encryption
- IP traffic
- Remote access users
|
L2TP RAS VPN
|
Use to authenticate (but not encrypt) PPP or other non-IP traffic
between RAS users and protected resources. An L2TP RAS VPN supports:
- Policy-based VPNs
- AH Authentication
- PPP or other non-IP traffic
- Remote access users
|
L2TP over Autokey IKE RAS VPN
|
Use to authenticate and encrypt PPP traffic between remote users
and protected resources. An L2TP over Autokey IKE RAS VPN supports:
- Policy-based VPNs
- ESP and AH Authentication
- ESP AutoKey IKE Encryption
- PPP or other non-IP traffic
- Remote access users
|
Creating Device-Level VPNs
You can create the following VPN types:
- AutoKey IKE VPN
- Manual key IKE VPN
- L2TP VPN
- Redundant site-site VPN
Published: 2009-08-20
