Configuring remote hosts

Note: For an IPsec site-to-site VPN tunnel connection from one Smoothwall Filter and Firewall to another, many parameters can remain set to their default values. However, for maximum compatibility with other VPN gateways, you might need to adjust some settings.

Procedure

1. If using certificate-based authentication:
1. Export the Certificate Authority certificate, and the remote host’s certificate from the primary host.
2. From the remote host, import the Certificate Authority certificate exported in step 'a'.
3. From the remote host, import and install the Smoothwall’s certificate exported in step 'a'.
2. From the remote host, create a tunnel using the same settings as configured on the primary Smoothwall. If the remote host is another Smoothwall system, repeat stepsshown in the section Creating an IPsec Tunnel, but on the remote host.
3. Initiate the connection from the remote host.
   • If the remote host is a Smoothwall system, go to the Control page, else continue with step 6.
4. Under the IPsec subnets section, select the relevant VPN.
5. Click Up. The tunnel is initiated.
6. To allow traffic to and from the VPN tunnel, make sure that you configure and turn on appropriate zone bridging rules.