How do you designate the “enforcement point gateway” for the peers involved in “VPN Directional Enforcement”?

How do you designate the “enforcement point gateway” for the peers involved in “VPN
Directional Enforcement”?

How do you designate the “enforcement point gateway” for the peers involved in “VPN
Directional Enforcement”?

A.
From the WebUI’s of the peers add a static route to the “designated enforcement point”.

B.
In the file $FWDIR/conf/user.def on each peer with a route entry to the enforcement point
gateway.

C.
Designate this gateway in the VPN community properties.

D.
Editing file $FWDIR/conf/vpn_route.conf on each peer with a route entry to the enforcement
point gateway.



Leave a Reply 1

Your email address will not be published. Required fields are marked *


Sidza

Sidza

VPN Directional Enforcement can take place between two VPN communities. In this case, one gateway must be configured as a member of both communities and the enforcement point between them. Every other peer gateway in both communities must have a route entry to the enforcement point gateway in its vpn_route.conf file.