Deep Edge Online Help

Collapse AllExpand All
  • about
    • anti-DoS [1]
    • digital certificates [1]
    • HTTPS inspection [1]
    • LDAP user identification [1]
    • Local user identification [1]
    • product license [1]
    • security settings [1]
  • aboutDeep Edge [1]
  • accounts
    • adding [1]
    • administrator, deleting [1]
  • action
  • action profiles [1]
  • activation code [1]
  • ActiveUpdate [1]
  • adding
    • accounts [1]
    • action profiles [1]
    • application objects [1]
    • bandwidth rules [1]
    • IPsec connections [1]
    • NAT rules [1]
    • OSPF area [1]
    • policy rules [1] [2]
    • rules [1]
    • schedule objects [1]
    • service objects [1]
    • static route [1]
    • tabs [1]
    • user id policies [1]
    • VLAN subinterfaces [1]
    • VPN site-to-site policies [1]
  • address objects [1] [2]
  • administration
    • about [1]
    • Deep Edge [1]
    • language settings [1]
    • overview [1]
    • support [1]
    • system settings [1]
    • system settings, general [1]
    • time and date settings [1]
  • administrator
    • accounts, deleting [1]
  • Administrator's Guide [1]
  • advanced
    • IPsec configuration [1]
  • advanced settings
  • alerts:
    • notifications [1]
  • anti-DoS
    • about [1]
    • exceptions
    • flood protection
      • configuration [1]
  • anti-malware [1] [2]
    • anti-malware profiles [1]
    • file extension [1]
  • anti-malware pattern files [1] [2]
  • anti-malware protocol pattern files
    • pattern files
      • anti-malware protocol [1] [2]
  • anti-spam
    • anti-spam profiles [1]
    • security settings [1]
  • anti-spam profiles
    • configuring [1]
      • content settings [1]
    • disabling [1]
    • enabling [1]
    • modifying [1]
  • anti-spam protocol pattern files [1] [2]
  • anti-virus pattern files [1] [2]
  • application
  • application control
    • notifications [1]
  • Application Control
  • application control notifications [1]
  • application objects [1]
  • approved list
  • area OSPF [1]
  • audit logs
  • authentication
    • captive portal [1]
    • LDAP, advanced [1]
    • LDAP, basic [1]
    • LDAP, configuring [1]
    • user [1]
  • authentication method
  • backup [1]
  • bandwidth control
    • network settings [1]
    • policy settings [1]
    • widgets [1]
  • bandwidth summary
  • best practices
    • DNS servers [1]
    • suggestions [1]
  • blocked list
  • blocked URL
    • notifications [1]
  • blocked URL notifications [1]
  • bridge
  • CA [1] [2] [3]
  • cache server [1] [2]
  • captive portal [1]
  • certificate authority
  • certificate failure notifications [1]
  • changing
    • NAT rules [1]
  • changing bridge settings [1]
  • client
    • SSL VPN, installation [1]
  • client certificate failure
    • notifications [1]
  • client certificate failure notifications [1]
  • clients
    • viewing mobile VPN [1]
    • viewing PPTP VPN [1]
    • viewing SSL VPN [1]
  • cloud-based services [1]
  • codes
    • routing table [1]
  • community [1]
  • components
  • component version [1] [2]
  • configuring
    • address objects [1]
    • alerts for security violations [1] [2]
    • application control notifications [1]
    • blocked URL notifications [1]
    • bridge [1] [2]
    • captive portal [1]
    • console settings [1]
    • DDNS client [1]
    • deployment [1]
    • DNS forwarding [1]
    • file extension notifications [1]
    • IPS violation notifications [1]
    • LDAP, basic and advanced [1]
    • malware notifications [1]
    • notifications for scheduled updates [1]
    • proxy settings [1]
    • report settings [1]
    • routing [1]
    • server certificate failure notifications [1] [2]
    • SMTP notifications [1]
    • SSL VPN advanced settings [1]
    • SSL VPN IP address pools [1]
    • SSL VPN local networks [1]
    • system resource warnings [1]
    • system settings [1]
    • time and date settings [1]
    • URL filtering notifications [1]
    • user notifications [1]
    • WRS notifications [1]
    • zone objects [1]
  • configuring:
    • PPTP VPN general settings [1]
  • configuring general settings [1]
  • connections
  • console certificate [1]
  • console settings [1]
  • console timeout [1]
  • creating
    • scheduled reports [1]
    • scheduled report templates [1]
  • cryptography
  • customizing
  • dashboard
  • date
  • DCHP services [1]
  • DDNS
  • DDNS client [1]
  • dead peer detection [1]
  • debugging
  • debug mode
    • enabling PPTP VPN [1]
  • Deep Edge
    • administration [1]
    • main features [1]
    • management, about [1]
    • testing [1]
  • deep packet inspection [1]
  • deleting
    • action profiles [1]
    • address objects [1]
    • administrative accounts [1]
    • application objects [1]
    • NAT rules [1]
    • OSPF area [1]
    • saved reports [1]
    • scheduled reports [1]
    • services objects [1]
    • static route [1]
    • tabs [1]
    • zone objects [1]
  • denial of service attack [1]
  • deployment
  • Deployment Guide [1]
  • Deployment Modes
    • Bridge mode [1]
    • Bridge Mode [1]
    • Monitoring mode [1]
    • Monitoring Mode [1]
    • Routing mode [1]
    • Routing Mode [1]
  • detection
    • dead peer [1]
  • device risk summary
  • devices
    • management, accounts [1]
  • DHCP
    • advanced settings [1]
    • interface configuration [1]
    • lease time [1]
    • modifying services [1]
    • modifying settings [1]
    • static mapping [1]
    • viewing services [1]
    • viewing settings [1]
  • diagnosis
    • files [1]
    • trace traffic [1]
    • traffic tracing [1]
    • troubleshooting
      • traffic tracing [1]
  • diagnostic:
  • diagnostic files
    • generating [1]
  • diagnostics
    • about [1]
    • network packet capture [1]
    • packet capture [1]
  • digital certificates
    • about [1]
    • adding new [1]
    • certificate authority
    • changing status [1]
    • deleting [1]
    • managing [1]
    • viewing [1]
  • displaying
    • list of users [1]
  • DNS [1]
    • configuring forwarding [1]
    • forwarding configuration [1]
    • forwarding settings [1]
  • DNS forwarding configuration [1]
  • DNS servers [1]
  • documentation set [1]
  • DoS attack
    • ICMP/Ping flood [1]
    • TCP SYN flood [1]
    • UDP flood [1]
  • Download Center [1] [2]
  • Downloading
  • dynamic domain name system service [1]
  • dynamic source translation [1]
  • Dyn DNS [1]
  • editing
    • action profiles [1]
    • schedule objects [1]
  • editing interfaces [1]
  • EICAR test file [1] [2]
  • Email Reputation
  • email reputation services [1]
  • email reputation technology [1]
  • enabling
  • encapsulated security payload
  • encryption level
  • End user
    • settings, global [1]
  • error messages
  • example
    • IPsec NAT configuration [1]
    • IPsec office configuration [1]
    • site-to-site VPN [1] [2]
  • experience improvement
  • expiration
  • false positive [1] [2]
  • file extension
    • notifications [1]
    • types to scan [1]
  • file extension notifications [1]
  • file extension verification [1]
  • FreeDNS [1]
  • general system settings [1]
  • generating
    • manual reports [1]
  • global log settings [1]
  • hardware monitor
  • HTTPS inspection
    • about [1]
    • adding exceptions [1]
    • settings [1]
  • ICMP [1]
  • IKE [1] [2]
  • IKE debugging [1]
  • incremental updates [1] [2]
  • inline mode [1]
  • Installation Guide [1]
  • installing:
    • SSL VPN client [1]
  • integration
  • IntelliTrap [1] [2]
  • interface
  • interface information
  • interfaces [1]
  • Internet Key Exchange [1]
  • introductions
    • notifications [1]
  • IP address pools
  • IPS
    • about [1]
    • categories [1]
    • categories and actions [1]
    • instant message [1]
    • intrusion prevention system [1]
    • peer-to-peer [1]
    • policies [1]
    • profiles [1]
  • IPsec [1]
    • adding connections [1]
    • advanced configuration [1]
    • connections [1]
    • generate RSA key [1]
    • NAT configuration example [1]
    • office configuration example [1]
    • RSA key [1]
    • status [1]
    • troubleshooting [1]
  • IPS pattern files [1] [2]
  • IPS violation
    • notifications [1]
  • IPS violation notifications [1]
  • IPv4 or IPv6 [1]
  • Knowledge Base [1]
  • known issues
  • language, change [1]
  • LDAP [1]
    • advanced authentication [1]
    • authentication method [1]
    • basic authentication [1]
    • configuring, basic and advanced [1]
    • integration [1]
    • method of user identification [1]
    • settings, global [1] [2]
  • LDAP user identification
  • lease time [1]
  • license [1]
    • activation code [1]
    • expiration [1]
    • registering Deep Edge [1]
    • registration key [1]
    • updating [1]
  • local groups [1]
  • Local user identification
  • local users [1]
  • logs
    • about [1]
    • audit, about [1]
    • introduction [1]
    • queries, about [1]
    • querying [1]
    • querying audit logs [1]
    • querying system event logs [1]
    • querying traffic logs [1]
    • querying violation logs [1]
    • querying VPN logs [1]
    • settings [1]
    • settings, global [1]
    • system events, about [1]
    • traffic, about [1]
    • types [1]
    • viewing PPTP VPN [1]
    • viewing SSL VPN [1]
    • violation, about [1]
    • VPN, about [1]
  • main features [1] [2]
    • ActiveUpdate [1]
    • anti-spam [1]
    • application bandwidth monitoring [1]
    • Application Control [1]
    • LDAP integration [1]
    • logs [1]
    • Network Intrusion Protection [1]
    • reports [1]
    • security protection [1]
    • summary dashboard [1]
    • system notifications and alerts [1]
    • URL Filtering [1]
    • virus scanning [1]
    • Web Reputation [1]
  • maintaining updates [1] [2]
  • maintenance [1]
  • Maintenance Agreement
  • malware
    • notifications [1]
  • malware notifications [1]
  • management
    • Deep Edge, about [1]
    • device
    • enabling
      • management services [1]
    • service [1]
    • services, enabling [1]
    • SNMP [1]
  • manual reports [1]
    • generating [1]
  • manual updates [1] [2] [3] [4]
  • mobile VPN
    • viewing clients [1]
  • mode
  • modifying
    • DHCP settings [1]
    • NAT rules [1]
    • OSPF area [1]
    • OSPF interface [1]
    • passwords, user [1]
    • static route [1]
    • tabs [1]
  • monitoring mode [1]
  • NAT [1] [2]
    • adding rules [1]
    • changing rule priorities [1]
    • deleting rules [1]
    • IPsec configuration [1]
    • modifying rules [1]
    • rules [1]
    • site-to-site VPN configuration [1]
  • network
    • bandwidth control [1]
    • configuring for SSL VPN [1]
  • Network Address Translation [1]
  • network configuration
    • interfaces [1]
  • network features [1]
    • bridge [1]
    • mobile virtual private network [1]
    • NAT [1]
    • routing [1]
    • services [1]
    • site-to-site virtual private network [1]
    • user virtual private network [1]
  • network information
  • network intrusion prevention [1]
  • network RIP settings [1]
  • next-generation firewall [1]
  • notification
    • SMTP, configuring [1]
  • notifications
    • alerts [1]
    • application control [1]
    • blocked URLs [1]
    • certificate failure [1]
    • configuring for security violations [1] [2]
    • file extension [1]
    • introduction [1]
    • IPS violation [1]
    • malware [1]
    • schedule updates, configuring [1]
    • SMTP [1]
    • stopping [1]
      • notifications [1]
    • updates [1] [2]
    • URL filtering [1]
    • user policies [1]
    • WRS [1]
  • objects
    • address [1]
    • address parameters [1]
    • application objects [1]
    • policy [1]
    • schedule objects [1]
    • service objects [1]
    • zone [1]
  • online
    • community [1]
  • Online Help [1]
  • open shortest path first [1]
  • OSPF [1]
    • adding area [1]
    • area [1]
    • deleting area [1]
    • enabling global settings [1]
    • enabling OSPF distribute route [1]
    • global [1]
    • interfaces [1]
    • modifying area [1]
    • modifying interface [1]
    • redistribute [1]
    • redistributing link-state advertisement [1]
    • router ID [1]
  • overview
    • advanced IPsec configuration [1]
    • DDNS [1]
    • DDNS status [1]
    • DNS interface configuration [1]
    • dynamic domain name system service [1]
    • dynamic route management [1]
    • global OSPF [1]
    • interfaces [1]
    • NAT [1]
    • open shortest path first (OSPF) [1]
    • OSPF interfaces [1]
    • redistribute OSPF [1]
    • redistribute RIP settings [1]
    • remote access [1]
    • remote access for users [1]
    • routing information protocol (RIP) [1]
    • routing table [1]
    • services [1]
    • site-to-site VPN [1]
    • SSL VPN [1]
    • static route management [1]
    • traffic [1]
    • user management [1]
    • VLANs [1]
    • VPN [1]
  • overview of 2.1 [1]
  • packet capture
    • components [1]
  • packet captures [1]
  • parameters [1]
    • address objects [1]
    • captive portal [1]
    • logs settings, global [1]
    • reports [1]
    • services objects [1]
  • password
    • users, modifying [1]
  • pattern files [1] [2]
  • pattern information [1] [2]
  • ping
  • point-to-point tunneling VPN [1]
  • policies [1]
    • adding bandwidth rules [1]
    • adding rules [1]
    • adding VPN site-to-site [1]
    • addresses [1]
    • address objects [1]
    • bandwidth control [1]
    • enabling rules [1] [2]
    • how policies work [1] [2]
    • modifying IPS [1]
    • objects [1]
    • rules page [1] [2]
    • user id, adding [1]
    • user identification [1]
  • policy objects [1]
  • PPTP VPN [1]
    • advanced settings [1] [2]
    • enabling [1]
    • encryption level [1]
    • error messages [1]
    • overview [1]
    • troubleshooting [1]
    • viewing clients [1]
    • viewing logs [1]
  • product
  • product license [1]
  • product overview [1]
  • product patches
  • Product Patches
    • Backing up current configuration [1]
    • Downloading patch [1] [2]
    • Restoring previous configurations [1]
  • profiles [1] [2] [3]
    • configuring WRS [1]
    • web reputation [1]
    • WRS [1]
  • program components
  • proxy [1]
  • proxy settings [1] [2]
    • configuring [1]
  • purging
    • scheduled reports [1]
  • queries
  • querying
    • audit logs [1]
    • system events logs [1]
    • traffic logs [1]
    • violation logs [1]
    • VPN logs [1]
  • querying logs [1]
  • Quick Start Guide [1]
  • readme [1]
  • Readme [1]
  • redistributing OSFP [1]
  • redistribution
  • registering Deep Edge [1]
  • registration
  • registration key [1]
  • remote access [1]
    • user management [1]
  • removing
    • schedule objects [1]
  • removing bridge settings [1]
  • reports [1]
    • about [1]
    • configuring settings [1]
    • creating scheduled [1]
    • dashboard summary [1]
    • deleting saved [1]
    • deleting scheduled [1]
    • manual [1]
    • manual, generating [1]
    • parameters [1]
    • purging scheduled reports [1]
    • scheduled, about [1]
    • scheduled, templates [1]
    • settings [1]
    • templates [1]
    • top traffic reports [1]
    • types [1]
    • viewing saved reports [1]
    • violation events [1]
  • report types [1]
  • restore
  • Restoring [1]
  • RIP [1]
    • advanced global settings [1]
    • configuring global settings [1]
    • deleting a RIP network [1]
    • enabling global settings [1]
    • global settings [1]
    • network setting [1]
    • redistribution [1]
  • RIP:
    • adding a network [1]
  • rolling back updates [1] [2]
  • routing
    • dynamic route management [1]
    • settings [1]
    • static route management [1]
  • routing information protocol [1]
  • routing table
  • RSA key [1]
  • rules
    • adding NA [1]
    • changing NAT priorities [1]
    • deleting NAT [1]
    • modifying NAT [1]
    • NAT [1]
  • rules page
  • saved reports
  • scanning
  • scheduled reports [1]
  • scheduled updates [1] [2]
    • configuring notifications [1]
  • schedule objects [1]
  • scheduling updates [1] [2]
  • secure socket layer VPN [1]
  • security settings
  • security status
  • security violations
  • selecting
    • file extension scanning [1]
  • server certificate failure
    • notifications [1]
  • server certificate failure notifications [1]
  • service objects [1]
  • services [1]
    • DNS forwarding configuration [1]
    • DNS forwarding settings [1]
    • management [1]
    • management, enabling [1]
  • services objects
  • session event summary
  • session summary
  • settings [1] [2]
    • console, about [1]
    • deployment [1]
    • DNS forwarding settings [1]
    • End user synchronization [1]
    • LDAP, global [1] [2]
    • logs [1]
    • logs, global [1]
    • network RIP [1] [2]
    • PPTP VPN general [1]
    • reports [1]
    • reports, configuring [1]
    • RIP redistribution [1]
    • SMTP notifications [1]
    • SSL VPN server [1]
  • shell
  • site-to-site VPN [1]
  • Smart Protection Network [1] [2]
  • SMTP
    • notifications [1]
  • SNMP
  • SolutionBank
    • See Knowledge Base
  • spam detection [1]
  • spyware [1] [2]
  • SSH
  • SSL VPN
    • configuring advanced settings [1]
    • configuring local network [1]
    • enabling [1]
    • installing client [1]
    • IP address pools [1]
    • overview [1]
    • server settings [1]
    • troubleshooting [1]
    • viewing clients [1]
    • viewing logs [1]
  • static mapping [1]
  • static routing
  • status
  • summary dashboard [1]
    • adding tabs [1]
    • deleting tabs [1]
    • modifying tabs [1]
    • tabs [1]
  • support [1]
    • knowledge base [1]
    • resolve issues faster [1]
    • TrendLabs [1]
  • SYN [1]
  • synchronous transmission (SYN) [1]
  • system
  • system alerts
    • notifications [1]
  • system events logs
  • system information
  • system maintenance [1]
  • system resources
  • system resource warnings [1]
  • system settings
  • tabs
  • TCP [1]
  • technical support [1]
  • templates
    • report [1]
    • scheduled reports, creating [1]
  • testing
  • time
  • time and date
  • top applications
  • top devices protected by anti-botnets
  • top devices protected by anti-spam
  • top devices protected by anti-virus
  • top devices protected by IPS
  • top devices protected by WRS
  • top domains
  • top traffic
  • top URL categories
  • top users
  • traffic
  • traffic:routing [1]
  • traffic logs
  • traffic overview [1]
  • traffic status
  • traffic tracing [1]
  • transmission control protocol [1]
  • TrendEdge [1]
  • TrendLabs [1]
  • troubleshooting [1]
    • diagnosis [1]
    • packet capture [1]
    • PPTP VPN [1]
    • site-to-site VPN [1]
    • SSL VPN [1]
  • update
  • updates [1] [2]
  • updating
    • web console [1]
  • updating administrators license [1]
  • URL approved/blocked lists [1]
    • adding [1]
    • enabling/disabling [1]
  • URL database [1] [2] [3] [4]
  • URL filtering [1]
    • notifications [1]
    • testing [1]
  • URL filtering notifications [1]
  • URLs
  • user
  • user authentication [1]
  • user datagram protocol [1]
  • user identification
  • user id policies
  • user management [1]
  • user notifications [1]
  • users
    • list of [1]
    • passwords, modifying [1]
  • verifying
    • file extension [1]
  • verifying updates [1] [2]
  • viewing
    • action profiles [1] [2]
    • address objects [1]
    • application objects [1]
    • DCHP services [1]
    • DHCP settings [1]
    • list of users [1]
    • mobile VPN clients [1]
    • PPTP VPN clients [1]
    • PPTP VPN logs [1]
    • routing table [1]
    • saved reports [1]
    • service objects [1]
    • SSL VPN clients [1]
    • SSL VPN logs [1]
    • zone objects [1]
  • violation events
  • violation event status
  • violation logs
  • virtual private network [1]
  • virus patterns [1] [2]
  • virus scan engines [1] [2]
  • VLANs [1]
    • adding subinterfaces [1]
  • VPN [1] [2] [3]
  • VPN logs
  • VPN on Demand [1]
  • VPN site-to-site
    • adding policies [1]
  • VPN tunnel
  • warnings
    • system resource, notifications [1]
  • web reputation
  • Web Reputation
  • web shell
  • widget
    • bandwidth summary [1]
    • pattern information [1] [2]
    • top applications [1]
  • widgets [1]
    • about [1]
    • adding [1]
    • bandwidth control [1]
    • customizing [1] [2]
    • dashboard [1]
    • deleting [1]
    • description [1]
    • device risk summary [1]
    • hardware monitor [1]
    • interface information [1]
    • network information [1]
    • pattern information [1]
    • security status [1]
    • session event summary [1]
    • session summary [1]
    • system information [1] [2]
    • system resources [1]
    • top devices protected by anti-botnets [1]
    • top devices protected by anti-spam [1]
    • top devices protected by anti-virus [1]
    • top devices protected by IPS [1]
    • top devices protected by WRS [1]
    • top domains [1]
    • top URL categories [1]
    • top users [1]
    • traffic status [1]
    • violation event status [1]
  • WRS
    • configuring profiles [1]
    • notifications [1]
    • profiles [1]
  • WRS notifications [1]
  • zone objects [1]
  • zones

Adding a New IPsec Connection Parent topic

Use Site-to-Site VPN to establish IPSec VPN tunnels between Deep Edges.
Note
Note
Make sure that Ethernet interfaces and routers are configured properly.

Procedure

  1. Go to NetworkSite-to-site VPNConnections.
  2. Click Add New Connections.
    The Add/Edit IPsec Connections dialog box appears.
  3. Specify the following parameters:
    Option Description
    Enable IPSec connect Select the check box to enable the tunnel.
    Name Type a name to identify the IPsec tunnel.
    Gateway type Select Initiate (active) or Response (passive) role of the IPsec tunnel.
    Gateway Specify the gateway IP address.
    Interface name Select the interface name from the drop-down list box (eth0, eth1).
    Policy name
    Select the policy name from the drop-down list box, either Default or a specific policy, that applies to the IPsec tunnel.
    Note
    Note
    Configure non-default IPsec policies at NetworkSite-to-site VPNPolicies.
    Authentication type Select Pre-shared key or RSA key from the drop-down list box.
    For Pre-shared Key
    Specify the key and confirm it.
    If Pre-shared Key is selected, specify the pre-shared key that Deep Edge uses to authenticate itself to the remote peer or dial-up client. administrators must define the same value at the remote peer or client. The key must contain at least six printable characters and should be known only by network administrators. For optimum protection against currently known attacks, the key should consist of a minimum of 16 randomly chosen alphanumeric characters.
    For RSA key
    Specify the public key.
    If RSA key is selected, select the name of the server certificate that Deep Edge uses to authenticate to the remote peer.
    VPN ID Input the local IP address if the IPsec gateway is behind a NAT device.
    Add Local Networks Select the local network, or add a new address object.
    Add Remote Networks Select the remote network, or add a new address object.
  4. Click Apply.
  5. Verify the new IPsec connection at NetworkSite-to-site VPNConnections.