Nokia IPSO 4.0 Cell Phone User Manual


 
5
224 Nokia Network Voyager for IPSO 4.0 Reference Guide
Configuring VPN Tunnels
If you want the cluster to support VPN tunnels in which non-Check Point gateways participate,
you must configure the tunnels in Voyager (on the Clustering Setup Configuration page) as well
as in NGX. Perform the following procedure:
1. In the Network Address field under Add New VPN Tunnel, enter the remote encryption
domain IP address in dotted-decimal format (for example, 192.168.50.0).
2. In the Mask field, enter the mask value as a number of bits. The range is 8 to 32.
3. In the Tunnel End Point field, enter the external address of the non-Check Point gateway.
4. Click Apply.
The VPN Tunnel Information table appears and displays the information you configured.
5. If there is more than one network behind the non-Check Point gateway, repeat these steps for
each network. In each case, enter the external address of the non-Check Point gateway as the
tunnel end point. If one of the networks behind a non-Check Point gateway is not encrypted
(for example, a DMZ), set its end point to 0.0.0.0.
Note
See “Clustering Example With Non-Check Point VPN” for an example of configuring a
cluster to support a VPN with a non-Check Point gateway.
Using IP Pools
IPSO clusters support the use of IP pools (address ranges), which are useful for solving certain
routing problems. For example, you might want to use an IPSO cluster (and NGX) to create a