Creating objects for network resources that are accessible to mobile peers
The object representing resources that can be accessed through the IPsec tunnel may be:
- A host: to allow access to a single host through the IPsec tunnel,
- A network: to allow access to a single protected network on the firewall through the IPsec tunnel,
- A host/network group: to allow access to a group of hosts and/or protected networks through the IPsec tunnel.
In Configuration > Objects > Network:
- Click on Add.
- Select the object type (Host, Network or Group).
- Give this object a Name (in this example, a group named IKEv2-EAP-CERT-NET-GRP-DST).
- Depending on the object type:
  - Host: fill in the IPv4 address field,
  - Network: fill in the Network IP address field as a network/mask (e.g., 192.168.1.0/24 or 192.168.1.0/255.255.255.0),
  - Group: select the objects (hosts and/or networks) to include in the group.
- Click on Create.