Defining a network object that contains IP addresses assigned to mobile peers

The network assigned to clients must not already be known to the firewall: it must neither be a network that is directly connected nor a network known through routing.

In the module Configuration > Objects > Network objects:

  1. Click on Add.
  2. Select Network.
  3. Assign an Object name to this object (Mobile_Users_Network in the example).
  4. Enter the Network IP address field in the form of a network/mask.
    This network must contain at least as many IP addresses as the number of users likely to connect via an IPsec VPN tunnel.
    Examples: or : 254 addresses so 254 Phase 2. or : 510 addresses so 510 Phase 2.
  5. Click on Create.