KB Home KB Home Back to all Knowledge Base Browse Knowledge Base Categories Printer Friendly Version Printer Friendly

Configuring a Policy Based LAN to LAN VPN When One Side Has a Dynamic IP Using Pre-shared Keys
Knowledge Base ID: KB4765
Version: 4.0
Published: 07 Oct 2008
Updated: 07 Oct 2008
Categories: . Firewall/IPSec_VPN
. IPSec
. ScreenOS

Synopsis:
Policy-based VPN - One Side has a Dynamic IP using Pre-shared Keys

Solution:

To configure a policy based LAN to LAN VPN when one side has a dynamic IP using pre-shared keys, perform the following steps:

Note: This example assumes the static IP address is assigned to site A, and site B gets its IP address dynamically via DHCP.

Step one: Configure a gateway for the site A. For more information on configuring a gateway for site A, go to Configuring a Gateway for Site A.

Step two: Configure a phase 2 proposal for site A. For more information on how to configure a phase 2 proposal for site A, go to Configuring a Phase 2 Proposal for Site A.

Step three: Configure a policy for site A. For more information on how to configure a policy for site A, go to Configuring a Policy for Site A.

Step four: Configure a gateway for site B. For more information on how to configure a gateway for site B, go to Configuring a Gateway for Site B.

Step five: Configure a phase 2 proposal for site B. For more information on how to configure a phase 2 proposal for site B, go to Configuring a Phase 2 Proposal for Site B.

Step six: Configure a policy for site B. For more information on how to configure a policy for site B, go to Configuring a Policy for Site B.

Purpose:
Troubleshooting

ASK THE KB
Question or KB ID:



RELATED TOPICS