Define Gateway Endpoints for a BOVPN Virtual Interface

Gateway Endpoints are the local and remote gateways that are connected by a BOVPN. The gateway endpoints configuration enables your Firebox to determine how to identify and communicate with the remote endpoint device when it negotiates the BOVPN. It also enables the device to determine how to identify itself to the remote endpoint when it negotiates the BOVPN. You must configure at least one gateway endpoint pair when you add a BOVPN virtual interface.

You can configure multiple gateway endpoints for VPN failover. For more information, see Configure VPN Failover.

Local Gateway

In the Local Gateway settings, you configure the gateway ID and the interface the BOVPN connects to on your Firebox. You can configure a BOVPN virtual interface to use any internal or external interface as the local gateway.

Do not use a secondary interface IP address as a gateway endpoint.

For the gateway ID, if you have a static IP address you can select By IP Address. If you have a domain that resolves to the IP address the BOVPN connects to on your Firebox, select By Domain Information.

Remote Gateway

You can configure the gateway IP address and gateway ID for the remote endpoint device that the BOVPN connects to. The gateway IP address can be either a static IP address or a dynamic IP address. The gateway ID can be By Domain Name, By User ID on Domain, or By x500 Name. The administrator of the remote gateway device selects which gateway ID type to use.

If the remote VPN endpoint uses DHCP or PPPoE to get an external IP address, set the ID type of the remote gateway to Domain Name. Set the peer name to the fully qualified domain name of the remote VPN endpoint. The Firebox uses the IP address and domain name to find the VPN endpoint. Make sure the DNS server used by the device can identify the name.

See Also

Configure Manual BOVPN Gateways

Configure Manual BOVPN Tunnels

Give Us Feedback     Get Support     All Product Documentation     Technical Search