Add Tunnels




This screen is used to create IPsec tunnels.




The following information is required to create an IPsec tunnel:

Tunnel Name: A unique name to identify the tunnel.

Policy: The policy used by the tunnel. Policies are created under VPN -> IPsec -> Policy.

VPN Type: L2TP over IPsec or IPsec.


If L2TP is selected, the following information needs to be filled in:

Action on Restart: The action to take when IPsec is restarted. Active ensures that any reboot causes immediate renegotiation.

Local Server: The name of the host/interface acting as the local server, the connection endpoint.

Gateway of Local Server: The name of the host/interface acting as gateway to the local server above. Note: Set up the Local Server and Gateway of Local Server properly; otherwise the tunnel connection will not be established.

Local ID: The Local Identifier. (Note: In case of X.509 leave the adjoining text box blank)

Remote Host: The name of the remote host. (Note: The IP address of the remote host needs to be added under Firewall -> Networks -> Host)

Remote ID: The Remote Identifier. (Note: In case of X.509 leave the adjoining text box blank)

Authentication Type: Select an authentication type, either Preshared Key or Digital Certificate.

Preshared Key: In case of preshared key based authentication, the tunnel connection is established using the passphrase provided. (The passphrase provided needs to be more than 10 characters long.)

Remote Certificate: If the authentication type selected is Digital Certificate, select a User Certificate to authenticate. The client will also need a copy of this certificate.


If IPsec is selected, the following additional information needs to be filled in:

Connection Type: The connection type can be Road Warrior, Net to Net, or Host to Host.

Road Warrior: In case of Road Warrior, Remote Local Network details are not required. The connection is established from a single remote machine to the server. Road Warriors get access to the local network. For Road Warrior connections, it is recommended that the Remote ID be an email address.

Net to Net: In case of Net to Net, the VPN connection is established from the remote network to the local network. Local Network and Remote Network details need to be provided.

Host to Host: In case of Host to Host, the VPN connection is established from the remote host to the local host. Local Network and Remote Network details are not required in case of Host to Host.
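
The field rules above can be checked before a tunnel is entered on this screen. The following is an added example, not part of the product or its documentation; the dictionary keys (tunnel_name, local_gateway, and so on) are hypothetical names chosen to mirror the form labels, and the sample tunnel is constructed.

```python
# Added example: the dictionary keys are hypothetical names mirroring the form labels.
def check_tunnel(t):
    """Return a list of problems in a tunnel definition; an empty list means it passes."""
    problems = []
    for field in ("tunnel_name", "policy", "local_server", "local_gateway", "remote_host"):
        if not t.get(field):
            problems.append(f"{field} is required")
    auth = t.get("auth_type")
    if auth == "Preshared Key":
        # The passphrase must be more than 10 characters long.
        if len(t.get("preshared_key") or "") <= 10:
            problems.append("preshared_key must be more than 10 characters")
    elif auth == "Digital Certificate":
        if not t.get("remote_certificate"):
            problems.append("remote_certificate is required")
        # With X.509 the Local ID and Remote ID text boxes are left blank.
        for field in ("local_id", "remote_id"):
            if t.get(field):
                problems.append(f"{field} must be blank with X.509")
    else:
        problems.append("auth_type must be Preshared Key or Digital Certificate")
    vpn = t.get("vpn_type")
    if vpn == "IPsec":
        ctype = t.get("connection_type")
        if ctype not in ("Road Warrior", "Net to Net", "Host to Host"):
            problems.append("connection_type is invalid")
        elif ctype == "Net to Net":
            # Only Net to Net needs both network definitions.
            for field in ("local_network", "remote_network"):
                if not t.get(field):
                    problems.append(f"{field} is required for Net to Net")
        elif (ctype == "Road Warrior" and auth == "Preshared Key"
              and "@" not in (t.get("remote_id") or "")):
            problems.append("remote_id should be an email address for Road Warrior")
    elif vpn != "L2TP over IPsec":
        problems.append("vpn_type must be L2TP over IPsec or IPsec")
    return problems

# Constructed sample: a Net to Net tunnel with a 10-character key and no remote network.
SAMPLE = {
    "tunnel_name": "branch-office", "policy": "default", "vpn_type": "IPsec",
    "local_server": "wan0", "local_gateway": "wan-gw", "remote_host": "branch-fw",
    "auth_type": "Preshared Key", "preshared_key": "tenletters",
    "connection_type": "Net to Net", "local_network": "lan",
}

if __name__ == "__main__":
    for problem in check_tunnel(SAMPLE):
        print(problem)
```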