Purpose: Add a site-to-site IPsec VPN connection to establish IPsec tunnels between Cloud Edge gateways or third-party devices.
Location: Gateways > (gateway name) > Site-to-Site VPN > Connections
For more information about supported site-to-site VPN topologies and configuration steps for implementing those topologies see:
Note
When you finish configuring a Site-to-Site VPN connection, you cannot modify the local network or remote network settings. If you want to change the local networks or remote networks after you save the configuration, you must delete the existing Site-to-Site VPN connection and create a new connection with the desired settings.

Procedure

  1. Click Add.
    The Add/Edit IPSec connection window opens.
  2. Specify the IPsec connection parameters.
    Enable IPSec connection
    Select ON to enable the tunnel.
    Name
    Type a name to identify the IPsec VPN tunnel.
    Interface name
    Select the interface name from the drop-down list.
    Gateway
    Select the desired method for specifying the gateway:
    IP address: Specify the gateway IP address.
    Gateway name: Select an available gateway from the drop-down list.
    Note
    You can select either IP address or Gateway name if the VPN device is Cloud Edge. If the VPN device is a third-party device, you must choose IP address.
    Local ID
    Enter a text string for Local ID. Cloud Edge uses the Local ID to help identify which gateways are local in the topology.
    Remote ID
    Enter a text string for Remote ID. Cloud Edge uses the Remote ID to help identify which gateways are remote in the topology.
    Add local networks
    Select the local network or add a new address object.
    Add remote networks
    Select the remote network or add a new address object.
    Authentication type
    Select Preshared key or RSA key from the drop-down list.
    For Preshared key
    Specify the key and confirm it.
    If Preshared Key is selected, specify the pre-shared key in Key and confirm it in Confirm key. Cloud Edge uses the key to authenticate itself to the remote peer or dial-up client. Make sure to define the same value at the remote peer or client. The key must contain at least six printable characters and should be known only by network administrators. For optimum protection against currently known attacks, the key should consist of a minimum of 16 randomly chosen alphanumeric characters.
    Policy name
    Select the policy name from the drop-down list, either Default or a specific policy, that applies to the IPsec tunnel.
    Note
    Configure non-default IPsec policies at Gateway > Site-to-site VPN > Policies. See Adding an IPsec Policy.
  3. Click Save.
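
The pre-shared key guidance in step 2 (at least six printable characters, ideally 16 or more randomly chosen alphanumeric characters) can be met by generating the key instead of typing one by hand. The following Python sketch is an added example, not part of Cloud Edge or its documentation; the function names, the reading of "printable" as ASCII 0x20-0x7E, and the low-variety heuristic are assumptions.

```python
import math
import secrets
import string

ALPHANUMERIC = string.ascii_letters + string.digits  # 62 symbols
MIN_LENGTH = 6           # minimum length stated in the key guidance
RECOMMENDED_LENGTH = 16  # recommended length for randomly chosen keys


def generate_psk(length=RECOMMENDED_LENGTH):
    """Return random alphanumeric characters drawn from the OS CSPRNG."""
    if length < RECOMMENDED_LENGTH:
        raise ValueError(f"use at least {RECOMMENDED_LENGTH} characters")
    return "".join(secrets.choice(ALPHANUMERIC) for _ in range(length))


def random_key_bits(length, alphabet_size=len(ALPHANUMERIC)):
    """Entropy in bits of a key whose characters are chosen uniformly at random."""
    return length * math.log2(alphabet_size)


def check_psk(key):
    """Return the problems found in a candidate key; an empty list means none."""
    problems = []
    if len(key) < MIN_LENGTH:
        problems.append(f"shorter than the {MIN_LENGTH}-character minimum")
    # Assumption: "printable" means ASCII 0x20-0x7E.
    if not all(0x20 <= ord(c) <= 0x7E for c in key):
        problems.append("contains non-printable characters")
    if len(key) < RECOMMENDED_LENGTH:
        problems.append(f"shorter than the recommended {RECOMMENDED_LENGTH} characters")
    # Heuristic (assumption): very few distinct characters means the key
    # was probably not randomly chosen.
    if len(set(key)) <= len(key) // 4:
        problems.append("few distinct characters, unlikely to be random")
    return problems


if __name__ == "__main__":
    psk = generate_psk()
    print(psk, f"(~{random_key_bits(len(psk)):.0f} bits)")
    # Constructed sample keys, not taken from any real configuration.
    for sample in ("abc", "secret", "a" * 16):
        print(repr(sample), check_psk(sample))
```

A 16-character random alphanumeric key carries roughly 95 bits of entropy, against roughly 36 bits for a random key at the six-character minimum.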