Configuration requirements

In this tutorial, the private networks of the 3 sites will be distinct (example: 192.168.0.0/24, 192.168.1.0/24 and 192.168.2.0/24).

The necessary network objects have been created on each of the sites to interlink:

• the public IP address of the Hub Firewall: Pub_FW_Hub,
• the local network of the Hub site: Private_Net_Hub,
• the public IP address of the Spoke A Firewall: Pub_FW_Spoke_A,
• the local network of the Spoke A site: Private_Net_Spoke_A,
• the public IP address of the Spoke B Firewall: Pub_FW_Spoke_B,
• the local network of the Spoke B site: Private_Net_Spoke_B.

Check that your PKI has been set up:

• There is a certification authority (CA),
• Certificates have been created for the Firewalls,
• The respective certificates have been imported on the Firewalls of the Spoke sites,
• The CA has been added to the list of trusted CAs on each of the Firewalls to interlink.