Link Selection for Remote Access Clients
Link Selection is a method for remote peers to determine the IP address of the local Security Gateway.
Configuring Link Selection for Remote Access
To configure Link Selection for Remote Access:
-
In SmartConsole, open the Security Gateway object properties.
-
Go to the IPSec VPN > Link Selection page.
-
Select the Link Selection method:
-
Always use this IP address - when a VPN peer tries to determine the IP address of the Security Gateway, it always uses the IP address specified here.
-
|
Main address |
The main IP address of the Security Gateway, as specified in the IP Address field on the General Properties page. |
|
Selected address from topology table |
An IP address is selected from the list of IP addresses. These IP addresses are configured on the Topology page. |
|
Statically NATed IP |
A statically NATed IP address. The real IP address does not show in the topology table. |
-
Calculate IP based on network topology - when a VPN peer tries to determine the IP address of the Security Gateway, the Security Gateway sends the list of its internal interfaces and the networks behind them to the client. The client checks if the IP address of one of its interfaces is on a network on this list. If a match exists, it establishes a connection with the matching IP address. Otherwise, it uses the IP address of the first external interface on the Security Gateway.
Note - The Use DNS resolving and the Use probing methods are not available for the remote access clients
-
Save the changes.
-
Install Policy.