Manualshelf

User manual

ManualsBrandsSecure Computing ManualsComputer equipmentSG550
231232233234235236237238239240
Virtual Private Networking
229
The following scenario assumes that the Headquarters SG and Branch Office SG each
have two static Internet IP addresses. The Branch Office SG establishes an IPSec
tunnel from its primary Internet IP address to the primary Internet IP address at the
Headquarters SG as the primary IPSec tunnel path. If this IPSec connection is detected
to have failed, a failover IPSec tunnel is established from the secondary Internet IP
address to the cecondary Internet IP address at the Headquarters SG. Once in the
failover state, the Branch Office SG will periodically determine if the primary IPSec tunnel
path is functioning again, and if so, will fallforward to use the primary link instead.
Setup an IPSec tunnel between the primary Internet IP Addresses (209.0.0.1 <->
210.0.0.1). Default values are used in the configuration unless otherwise specified below:
Headquarters SG configuration:
Tunnel name: PrimaryLink
Local interface: Internet port
Route to remote endpoint: Internet port's gateway
The remote party's IP address: 210.0.0.1
Local network: Address of Internet port
Remote network: Remote endpoint
Branch Office SG configuration:
Tunnel name: PrimaryLink
Local interface: Internet port
Route to remote endpoint: Internet port's gateway
The remote party's IP address: 209.0.0.1
Local network: Address of Internet port
Remote network: Remote endpoint