|
Navigate to the Services>Ipsec vpn level in the
configuration hierarchy.
|
- In the J-Web interface, select Configuration>View
and Edit>Edit Configuration.
- Next to Services, click Configure or Edit.
- Next to Ipsec vpn, click Configure.
|
From the [edit] hierarchy level, enter
edit services ipsec-vpn
|
|
Configure an IPSec rule named ipsec-dynamic-rule to act on
all input traffic.
|
- Next to Rule, click Add new entry.
- In the Rule name box, type ipsec-dynamic-rule.
- In the Match direction box, select Input from
the list.
|
Enter
set rule ipsec-dynamic-rule match-direction input
|
|
Configure a term—for example, term1, and a remote gateway—for
example, 10.90.90.1.
Note:
Because the rule applies to all traffic, you configure only the action
(or then statement) for the term.
|
- Next to Term, click Add new entry.
- In the Term name box, type term1.
- Next to Then, select the Yes check
box and click Configure.
- In the Remote gateway box, type 10.90.90.1.
|
- Enter
edit rule ipsec-dynamic-rule
- Enter
set term term1 then remote-gateway 10.90.90.1
|
|
Configure the IPSec rule ipsec-dynamic-rule to reference the
IKE policy ike-dynamic-policy and the IPSec policy ipsec-dynamic-policy for
the IPSec dynamic SA.
|
- In the Sa choice box, select Dynamic.
- Next to Dynamic, click Configure.
- In the Ike policy box, type ike-dynamic-policy.
- Click OK until you return to the main
Configuration page.
|
- Enter
edit term term1.
- Enter
set then dynamic ike-policy ike-dynamic-policy ipsec-policy ipsec-dynamic-policy
|