Procedure

1. Go to Network → Site-to-site VPN → Connections.
2. Click Add New Connections.
   The Add/Edit IPsec Connections dialog box appears.
3. Specify the following parameters:

   Option	Description
   Name	Type a name to identify the IPsec tunnel.
   Enable	Check the check box to enable the tunnel.
   Gateway type	Select Initiate (active) or Response (passive) role of the IPsec tunnel.
   Interface Name	Select the interface name from the drop-down list box (eth0, eth1).
   Policy Name	Select the policy name from the drop-down list box, either Default or a specific policy, that applies to the IPsec tunnel. Note Configure non-default IPsec policies at Network → Site-to-site VPN → Policies.
   Authentication type	Select Preshared key or RSA key from the drop-down list box.
   For Preshared Key	Specify the key and confirm it. If Pre-shared Key is selected, specify the pre-shared key that Deep Edge uses to authenticate itself to the remote peer or dialup client. Administrators must define the same value at the remote peer or client. The key must contain at least six printable characters and should be known only by network Administrators. For optimum protection against currently known attacks, the key should consist of a minimum of 16 randomly chosen alphanumeric characters.
   For RSA key	Specify the public key. If RSA key is selected, select the name of the server certificate that Deep Edge uses o authenticate itself to the remote peer.
   VPN ID	Input the local IP address if the IPsec gateway is behind a NAT device.

4. Add the IP address and netmask for either local networks (under Add Local Networks) or Remote Networks (under Add Remote Networks.)
5. Click OK.
6. Verify the new IPsec connection at Network → Site-to-site VPN → Connections.