TMS zl Management and Configuration Guide ST.1.1.100226
7-51
Virtual Private Networks
Configure an IPsec Client-to-Site VPN
Figure 7-39. VPN > Certificates > CRL Window (CRL Added)
Move to the next task: “Create an IPsec Proposal.”
Create Named Objects for the VPN (Optional)
You might want to configure the named objects indicated in Table 7-6.
For your reference, this table includes the location where you would specify
these named objects. However, later configuration instructions will indicate
when you actually need to specify each object. The table also includes a
reference to numbers in Figure 7-40. The number indicates the IP address for
that named object in an example network.
See “Named Objects” in Chapter 4: “Firewall” for step-by-step instructions for
configuring objects.
Table 7-6. Possible Named Objects for Client-to-Site VPNs
Example
Figure
Reference
Named Object Description Named Object Type Location Where the Named
Object is Specified
1
The TMS zl Module IP
address that acts as the
local VPN gateway
Single-entry IP address
object
Source or Destination for firewall
access policies that permit IKE
traffic
2 The IP addresses of local
endpoints that remote users are
allowed to access over the VPN
Single-entry IP, range, or network
address objects
• Source or Destination for
firewall access policies that
permit traffic sent across the
VPN
• If IKE mode config is not used,
Local Address in the IPsec
policy traffic selector