Using Third Party VPN Peers with Many External Interfaces
When you use third-party VPN peers and have multiple external interfaces on the 61000/41000 Security System, you must configure the SGMs and the Management Server.
To configure the 61000/41000 Security System:
- Run this command on the SMO:
# g_update_conf_file $FWDIR/modules/vpnkern.conf ipsec_use_p1_src_ip= 1
- Reboot all SGMs.
To configure the Management Server:
- Open
$FWDIR/lib/vpn_table.def in a text editor. - Add this line to the configuration file:
dynamic_ipsec_source_address = dynamic sync keep expires EX_INFINITE;
- In SmartDashboard, install policy.
|