Creating a Client Configuration (Dynamic VPNs)

Client configurations control which resources should be protected by the VPN configuration and specify which users can download the client.

In this example, you configure the device to protect the 10.100.100.0/24 resource, but specify that the 0.0.0.0./0, 1.1.1.1/24, and 0.0.0.0/32 resources are exempt. You specify that the dynamic VPN feature should use the ipsec-config VPN configuration to create the VPN tunnel. In addition, you add johndoe and janedoe to the list of users who can download the client.

To configure client configurations, use either the J-Web or the CLI configuration editor. (For information about configuring client configurations using J-Web Quick Configuration pages, see Creating a Client Configuration—Quick Configuration (Dynamic VPNs).)

This topic covers:

• J-Web Configuration
• CLI Configuration

J-Web Configuration

To create a client configuration in J-Web:

1. Select Configure>CLI Tools>Point and Click CLI.
2. Next to Security, click Configure or Edit.
3. Next to Dynamic vpn, click Configure or Edit.
4. Next to Clients, click Add New Entry .
5. In the Name field, enter config1.
6. Enter ipsec-config in the Ipsec vpn field.
7. Next to Remote protected resources, click Add New Entry .
8. In the Resource ip field, enter 10.100.100.0/24 and click OK.
9. Next to Remote exceptions, click Add New Entry .
10. In the Exception ip field, enter 0.0.0.0/0 and click OK.
11. Next to Remote exceptions, click Add New Entry .
12. In the Exception ip field, enter 1.1.1.1/24 and click OK.
13. Next to Remote exceptions, click Add New Entry .
14. In the Exception ip field, enter 0.0.0.0/32 and click OK.
15. Next to User, click Add New Entry .
16. In the Name field, enter johndoe and click OK.
17. Next to User, click Add New Entry .
18. In the Name field, enter janedoe and click OK.
19. To save and commit the configuration, click Commit.

CLI Configuration

To create a client configuration in the CLI editor: