|
Navigate to the Services>Ipsec vpn level
in the configuration hierarchy.
|
- In the J-Web interface, select Configuration>View
and Edit>Edit Configuration.
- Next to Services, click Configure or Edit.
- Next to Ipsec vpn, click Configure.
|
From the [edit] hierarchy level, enter
edit services ipsec-vpn
|
|
Configure an IPsec rule named ipsec-dynamic-rule to
act on all input traffic.
|
- Next to Rule, click Add new
entry.
- In the Rule name box, type ipsec-dynamic-rule.
- In the Match direction box, select Input from the list.
|
Enter
set rule ipsec-dynamic-rule match-direction input
|
|
Configure a term—for example, term1, and a remote
gateway—for example, 10.90.90.1.
Note:
Because the rule applies to all traffic, you configure only
the action (or then statement) for the term.
|
- Next to Term, click Add new
entry.
- In the Term name box, type term1.
- Next to Then, select the Yes check box and click Configure.
- In the Remote gateway box, type 10.90.90.1.
|
- Enter
edit rule ipsec-dynamic-rule
- Enter
set term term1 then remote-gateway 10.90.90.1
|
|
Configure the IPsec rule ipsec-dynamic-rule to reference
the IKE policy ike-dynamic-policy and the IPsec policy ipsec-dynamic-policy for the IPsec dynamic SA.
|
- In the Sa choice box, select Dynamic.
- Next to Dynamic, click Configure.
- In the Ike policy box, type ike-dynamic-policy.
- Click OK until you return
to the main Configuration page.
|
- Enter
edit term term1.
- Enter
set then dynamic ike-policy ike-dynamic-policy ipsec-policy
ipsec-dynamic-policy
|