Creating the IPsec policy - Config mode
In the module Configuration > VPN > IPsec VPN > Encryption policy – Tunnels tab:
- Select the IPsec policy that you wish to modify from the drop-down list (IPsec 01 in the example).
- Click on the Mobile - Mobile users tab.
- Click on Add.
- Select New Config mode mobile policy.
A configuration wizard starts. - In the Local ressources field, select the network that mobile users can access through the IPsec VPN tunnel (object Local_Network_Authorized_IPsec created earlier in the example).
- In the Peer selection field, select the mobile profile created earlier (IKEv2_Mobile_Users in the example).
Reminder: only one network can be selected. Network groups cannot be selected. - In the Remote networks field, select the network object created in the step Defining a network object that contains IP addresses assigned to mobile peers (Mobile_Users_Network in the example).
- Click on Finish.
- Click on Apply then confirm by clicking on Save.
- Click on Yes, activate the policy.
The IPsec policy configured in Config mode is therefore: