Configuring remote hosts
Note: Many parameters used can be left at their default values when creating an IPsec site-to-site VPN tunnel Smoothwall to Smoothwall connections. However, for maximum compatibility with other VPN gateways, some settings might need adjustment. This section describes each parameter that can be configured when creating an IPsec tunnel.
- If using certificate-based authentication:
- Export the Certificate Authority certificate, and the remote host’s certificate from the primary host.
- From the remote host, import the Certificate Authority certificate exported in step 'a'.
- From the remote host, import and install the Smoothwall’s certificate exported in step 'a'.
- From the remote host, create a tunnel using the same settings as configured on the primary Smoothwall. If the remote host is another Smoothwall system, repeat stepsshown in the section Creating an IPsec Tunnel, but on the remote host.
- Initiate the connection from the remote host.
- If the remote host is a Smoothwall system, go to the Control page, else continue with step 6.
- Under the IPsec subnets section, select the relevant VPN.
- Click Up. The tunnel is initiated.
- To allow traffic to and from the VPN tunnel, make sure that you configure and turn on appropriate zone bridging rules.