This example demonstrates how to use the VPN Setup Wizard to establish an IPSec Site-to-Site VPN tunnel between USG FLEX H devices. It provides instructions on configuring the VPN tunnel for each site, even when one site is behind a NAT router. Once the IPSec Site-to-Site VPN tunnel is set up, both sites can be accessed securely.
Disclaimer!
This article offers a general overview of the series and may not apply uniformly to every model. Before purchasing or using the device, please consult the model-specific documentation or reach out to technical support for accurate information.
Note: Please ensure that you have NAT mapping UDP port 4500 to the USG FLEX H device
Set up IPSec VPN Tunnel for HQ Office
VPN > IPSecVPN > Site to Site VPN > Add
- Type the VPN "Name" used to identify this VPN connection
- Select the "Behind NAT" to the "Remote Site"
- Click "Next"
- Configure "My Address" - here it is possible to select the interface or manually enter the IP address
- Click "Next"
- Type a secure "Pre-Shared Key"
- Click "Next"
Configure the Local Subnet to be the IP address of the network connected to the gateway. Set the Remote Subnet to be the IP address of the network connected to the peer gateway. Make sure that the Local Firewall and the Remote Firewall have different subnets to prevent any conflicts between the local and remote sites.
Summary
The screen provides a summary of the VPN tunnel. You can edit it if you want to modify it.
Set up IPSec VPN Tunnel for Branch
VPN > IPSecVPN > Site to Site VPN > Add
- Type the VPN name used to identify this VPN connection
- Switch "Behind NAT" to the "Local Site"
- Click "Next"
- Configure "My Address"
- Configure "Peer Gateway Address"
- Click "Next"
- Configure "My Address"
- Configure "Peer Gateway Address"
- Click "Next"
- Type a secure "Pre-Shared Key"
- Click "Next"
-
Set Local Subnet to be the IP address of the network connected to the gateway and
Remote Subnet to be the IP address of the network connected to the peer gateway - Click "Finish"
Test IPSec VPN Tunnel
VPN Status > IPSec VPN
Ping the PC in the Branch Office
Win 11 > cmd > ping 192.168.160.1
Comments
0 commentsPlease sign in to leave a comment.