Internet Security Router User
’s Manual
Chapter 10. Configuring VPN
99
Refer to the section 10.3 Establish VPN Connection Using Automatic Keying to configure VPN policies on
ISR2 using automatic keying.
Figure 10.6. Intranet VPN Policy Configuration on ISR2
Step 2: Configure Firewall rules
1.
Configure outbound Firewall rule to allow packets from 192.168.2.0/255.255.255.0 to
192.168.1.0/255.255.255.0 without any NAT.
2.
Configure inbound Firewall rule to allow packets from 192.168.1.0/255.255.255.0 to
192.168.2.0/255.255.255.0 without any NAT.
Table 10.8 and Table 10.9 provide the parameters to be configured for the outbound and inbound Firewall rule
fields. For a general description on configuring any inbound/outbound Firewall rule, please refer to sections 9.3
and 9.4.
Table 10.8. Outbound Un-translated Firewall Rule for VPN Packets on ISR1
Field
Value
Type
Subnet
Address
192.168.2.0
Source IP
Mask
255.255.255.0
Type
Subnet
Destination IP
Address
192.168.1.0