Filter
Top Products
DFL-500 User Manual
61
•
Select OK to add the VPN concentrator.
Adding a VPN concentrator
Adding an encrypt policy
Add encrypt policies to connect users on your internal network to a VPN tunnel. Encrypt policies are always
Int -> Ext policies. The source of the encrypt policy must be an address on your internal network. The
destination of this policy must be the address of the network behind the remote DFL-500 NPG gateway.
The policy must also include the VPN tunnel that you created to communicate with the remote DFL-500 NPG
VPN gateway. When users on your internal network attempt to connect to the internal network behind the
remote DFL-500 NPG gateway, the encrypt policy intercepts the connection attempt and starts the VPN
tunnel added to the policy. The tunnel uses the remote gateway added to its configuration to connect to the
remote DFL-500 NPG VPN gateway and the DFL-500 NPGs use their remote gateway and VPN tunnel
configurations to establish a VPN tunnel between them.
Using encrypt policies, you can control:
• the direction of traffic flow through the VPN,
• the addresses that can connect to the VPN tunnel.
The source and destination addresses that you specify when you add an encrypt policy identify the computers
or networks that can connect using the VPN. Users connecting from either the source or destination address
will be able to connect to the other address securely using VPN.
The destination address can be a VPN client address on the Internet or the address of a network behind a
remote VPN gateway.
To add an encrypt policy:
•
Add the source address for the policy.
The source address is an IP address on your internal network that can connect to the VPN.
For information about adding addresses, see Adding addresses
.
• Add the destination address for the policy.