Procedure

1. Go to Network → Site-to-site VPN → Connections.
2. Click Add New Connections.
   The Add/Edit IPsec Connections dialog box appears.
3. Specify the IPsec connection parameters.

   Enable IPSec connect	Select the check box to enable the tunnel.
   Name	Type a name to identify the IPsec tunnel.
   Gateway type	Select Initiate (active) or Response (passive) role of the IPsec tunnel.
   Gateway	Specify the gateway IP address.
   Interface name	Select the interface name from the drop-down list box (eth0, eth1).
   Policy name	Select the policy name from the drop-down list box, either Default or a specific policy, that applies to the IPsec tunnel. Note Configure non-default IPsec policies at Network → Site-to-site VPN → Policies.
   Authentication type	Select Pre-shared key or RSA key from the drop-down list box.
   For Pre-shared Key	Specify the key and confirm it. If Pre-shared Key is selected, specify the pre-shared key that Deep Edge uses to authenticate itself to the remote peer or dial-up client. Make sure to define the same value at the remote peer or client. The key must contain at least six printable characters and should be known only by network administrators. For optimum protection against currently known attacks, the key should consist of a minimum of 16 randomly chosen alphanumeric characters.
   For RSA key	Specify the public key. If RSA key is selected, select the name of the server certificate that Deep Edge uses to authenticate to the remote peer.
   VPN ID	Input the local IP address if the IPsec gateway is behind a NAT device.
   Add Local Networks	Select the local network, or add a new address object.
   Add Remote Networks	Select the remote network, or add a new address object.

4. Click Apply.
5. Verify the new IPsec connection at Network → Site-to-site VPN → Connections.