8/25/2023 0 Comments Check point allow vpn passthroughFigure 1-2 shows the source and destination security zones. For example, Firewall_A initiates a service access request. The interface refers to the interface to which the IPsec policy group is applied or the virtual tunnel interface to which the IPsec profile is applied. In security policy 105 for the traffic to be encrypted entering the IPsec tunnel, the source security zone is the security zone (Trust) to which the packet sender belongs, and the destination security zone is the security zone to which the interface that establishes the IPsec tunnel belongs.Therefore, you do not need to configure security policy 101 or 102. If IPsec VPN is configured manually, the firewalls do not use ISAKMP messages to negotiate SAs.No security policy needs to be configured for IPsec-encrypted packets sent from the firewall. Configure security policy 103 for a firewall to receive IPsec-encrypted packets from the peer firewall. Table 1-1 Security policy example - site-to-site IPsec VPN
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |