There are several steps to configuring a star site-to-site VPN.
First, the central hub gateway must be configured with a tunnel connection to every remote gateway. Then, every remote gateway must be configured with a connection back to the central hub.

Procedure

  1. Create local and remote address objects that you will need during the VPN configuration.
    For information about which address objects are needed, see Example: Star Site-to-Site VPN.
  2. Choose which IPsec policy to use when configuring the IPsec VPN connections.
    You select the IPsec policy when you configure each IPsec VPN connection. You can use the Default IPsec policy, use another existing policy, or add a new IPsec policy.
  3. On the central hub gateway, set up a connection to each spoke device.
  4. On each spoke gateway, set up a connection to the hub device.
  5. Optional: Configure advanced options for site-to-site VPN settings, including dead peer detection and enabling or disabling IKE debugging.
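
The following added example (not part of the product or its documentation) checks a planned star topology before you enter it on the gateways: the hub has a connection to every spoke and every spoke has one back to the hub. The plan format, gateway names, addresses and policy labels are constructed for illustration; the checks that local/remote networks are mirrored and that both ends use the same IPsec policy are assumptions based on general IPsec behaviour, not requirements stated on this page.

```python
from ipaddress import ip_network

# Constructed sample plan: every name, address and policy label is illustrative.
HUB = "hub"
PLAN = {
    "hub": [
        {"peer": "spoke-a", "local": "10.0.0.0/16", "remote": "10.1.0.0/24", "policy": "Default"},
        {"peer": "spoke-b", "local": "10.0.0.0/16", "remote": "10.2.0.0/24", "policy": "Default"},
    ],
    "spoke-a": [{"peer": "hub", "local": "10.1.0.0/24", "remote": "10.0.0.0/16", "policy": "Default"}],
    "spoke-b": [{"peer": "hub", "local": "10.2.0.0/24", "remote": "10.0.0.0/24", "policy": "Custom"}],
    "spoke-c": [],  # listed as a site, but no connection planned in either direction
}

def check_star(plan, hub):
    """Return a list of problems found in a planned star topology, grouped by spoke."""
    problems = []
    hub_conns = {c["peer"]: c for c in plan.get(hub, [])}
    spokes = (set(plan) | set(hub_conns)) - {hub}
    for spoke in sorted(spokes):
        fwd = hub_conns.get(spoke)                                   # hub -> spoke
        back = [c for c in plan.get(spoke, []) if c["peer"] == hub]  # spoke -> hub
        if fwd is None:
            problems.append(f"{hub}: no connection to {spoke}")
        if not back:
            problems.append(f"{spoke}: no connection to {hub}")
        if fwd is None or not back:
            continue
        b = back[0]
        # Assumption: each end's local network is the other end's remote network.
        mirrored = (ip_network(fwd["local"]) == ip_network(b["remote"])
                    and ip_network(fwd["remote"]) == ip_network(b["local"]))
        if not mirrored:
            problems.append(f"{hub}<->{spoke}: local/remote networks are not mirrored")
        # Assumption: both ends of a tunnel must select the same IPsec policy.
        if fwd["policy"] != b["policy"]:
            problems.append(
                f"{hub}<->{spoke}: IPsec policy differs ({fwd['policy']} vs {b['policy']})")
    return problems

if __name__ == "__main__":
    for problem in check_star(PLAN, HUB):
        print(problem)
```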