5 vpn connection examples – Asus SL1200 User Manual

116

Chapter 10 - Configuring VPN

ASUS SL1200

Figure 10.2. VPN Statistics Page

10.5 VPN Connection Examples

Gateways with integrated VPN and Firewall are useful in scenarios where:

• The traffic between branch offices is protected by VPN and
• Traffic destined for public Internet goes through Firewall/NAT.

To avoid NAT/IPSec interoperability issues, outgoing traffic is first

processed by Firewall/NAT and then by IPSec. Hence, you must ensure

that appropriate Firewall rules are configured to let the VPN traffic

gothrough. This section describes these scenarios and presents step-by-

step instructions for configuring these scenarios.

10.5.1 Intranet Scenario – firewall + VPN and no NAT for

VPN traffic

This is a common scenario where traffic to the public Internet goes through

the Firewall/NAT only and traffic between private networks is allowed

without NAT before IPSec processing. The same authority administers the

networks that are protected by VPN to avoid any possible address clash.

Configure each of the router for the Intranet scenario using the following

steps:
• Configure VPN connection rules.

• Configure Firewall access rules to allow inbound and outbound VPN

traffic.

• Configure a Firewall self rule to allow IKE packets into the router