IPSec VPN can be used to establish a secure tunnel between two sites, often used for network docking of Enterprise Headquarters and branch offices. This paper takes a company Beijing headquarters and Guangzhou branch need to build a safe tunnel as an example, introduce the setting method of using WVR series Enterprise wireless router to build IPSec VPN.
Note: The above parameters are for illustrative purposes only, please refer to actual network parameters when configuring.
Note: the following is a new version of WVR interface, if your router is the old version of the interface, please search the service support for the router model, view the corresponding settings document.
1
, set up the headquarters router
IPSec
Security Policy
Enter
VPN > IPSec > IPSec Security Policy , click and set as follows:
Binding interface: That is, the headquarters to use which interface with the division docking, please select the interface to connect broadband.
The other settings remain the default, save the settings and click the upper-right corner of the interface to
save the configuration .
2
, set the partial router's
IPSec
Security Policy
The partial IPSec security policy corresponds exactly to the headquarters policy and is set as follows:
Save the settings and click the upper-right corner of the interface to
save the configuration .
Note: the advanced settings for Headquarters and divisions are recommended to remain the default setting, and the optimal level of encryption is automatically negotiated.
3
,
IPSec
Tunnel built successfully
In the
IPSec > IPSec
Security Policy, the Security alliance has a corresponding tunnel entry, indicating that the IPSec tunnel was successfully established, as shown in the following figure:
At this point, the Headquarters and division of the IPSec security tunnel was established successfully, both ends of the intranet can access to the End-to-end resources. If you have multiple divisions that need to establish an IPSec tunnel with your headquarters, follow these methods to configure the corresponding security policy at both the head office and the division.