Prestige 334 User’s Guide
Chapter 15 VPN Screens
164
15.10 Editing VPN Rules
Click
Edit
on the
Summary
screen or click the
Rule Setup
tab to edit VPN rules.
Figure 64
VPN: Rule Setup (Basic)
The following table describes the labels in this screen.
Table 51
VPN: Rule Setup (Basic)
LABEL
DESCRIPTION
Active
Select this check box to activate this VPN tunnel. This option determines whether
a VPN rule is applied before a packet leaves the firewall.
Keep Alive
Select this check box to have the Prestige automatically re-initiate the SA after
the SA lifetime times out, even if there is no traffic. The remote IPSec router must
also have keep alive enabled in order for this feature to work.
NAT Traversal
Select this check box to enable NAT traversal. NAT traversal allows you to set up
a VPN connection when there are NAT routers between the two IPSec routers.
The remote IPSec router must also have NAT traversal enabled.
You can use NAT traversal with
ESP
protocol using
Transport
or
Tunnel
mode,
but not with
AH
protocol nor with manual key management. In order for an IPSec
router behind a NAT router to receive an initiating IPSec packet, set the NAT
router to forward UDP port 500 to the IPSec router behind the NAT router.