Defining Tunnel Creation Methods in NSM

You can use different ways to create the tunnel. They are:

Using VPN Manager

When adding a VPN using the VPN Manager, you enter the VPN members, gateways, IKE properties, and VPN topology, and then autogenerate the VPN rules that create the VPN. You can inspect the VPN rules and override any VPN property before sending the VPN configuration to your devices.

You can choose the VPN type that best matches your VPN requirements. Table 50 describes the VPN types that match your VPN requirements.

Table 50: VPN Types

VPN Types

Description

Autokey IKE VPN

Use to authenticate and encrypt traffic between devices and/or protected resources. An Autokey IKE VPN supports:

  • Mixed-mode VPNs (policy-based members and route-based members)
  • Policy-based VPNs
  • Route-based VPNs
  • ESP and AH Authentication
  • ESP AutoKey IKE Encryption
  • IP traffic
  • Tunnels between devices (routing-based) and protected resources (policy-based)

Autokey IKE RAS VPN

Use to authenticate and encrypt traffic between remote users and protected resources. An Autokey IKE RAS VPN supports:

  • Policy-based VPNs
  • ESP and AH Authentication
  • ESP AutoKey IKE Encryption
  • IP traffic
  • Remote access users

L2TP RAS VPN

Use to authenticate (but not encrypt) PPP or other non-IP traffic between RAS users and protected resources. An L2TP RAS VPN supports:

  • Policy-based VPNs
  • AH Authentication
  • PPP or other non-IP traffic
  • Remote access users

L2TP over Autokey IKE RAS VPN

Use to authenticate and encrypt PPP traffic between remote users and protected resources. An L2TP over Autokey IKE RAS VPN supports:

  • Policy-based VPNs
  • ESP and AH Authentication
  • ESP AutoKey IKE Encryption
  • PPP or other non-IP traffic
  • Remote access users

Creating Device-Level VPNs

You can create the following VPN types:

Related Documentation