Configuring Full-Mesh Site-to-Site VPNs | Trend Micro Service Central

Table of Contents

The page you're looking for can't be found or is under maintenance

Try again later or go to the home page

Configuring Full-Mesh Site-to-Site VPNs

There are several steps to configuring a full-mesh site-to-site VPN.

Every gateway must be configured with a tunnel to every other gateway.

Create local and remote address objects that you will need during the VPN configuration.

Adding/Editing IP Address/FQDN Objects

For information about what address objects are needed, you can review the example: Example: Full-Mesh Site-to-Site VPN
Choose which IPsec policy to use when configuring the IPsec VPN connections.

IPsec policies are selected when configuring an IPsec VPN connection. You can use the Default IPsec policy, use another existing policy, or you can add a new IPsec policy.

Adding an IPsec Policy
On the central hub gateway, configure a tunnel to every remote gateway.

Adding an IPsec VPN Connection
On every remote gateway, configure a tunnel to every remote gateway and back to the central hub.

Adding an IPsec VPN Connection
Optional: Configure advanced options for site-to-site VPN settings including dead peer detections and enabling IKE debugging.

Configuring Advanced Site-to-Site VPN Settings