Configuring the HQ IPsec VPN
- On HQ, go to VPN > IPsec Wizard.
Select the Site to Site template and select Next.
- In the Authentication section, set IP Address to Branch's Internet-facing IP (in this example, 172.31.1.65).
After you enter the gateway, an interface is assigned as the Outgoing Interface.
Set a secure Pre-shared Key.
- In the Policy & Routing section, set the Local Interface. The Local Subnets are added automatically.
Set Remote Subnets to Branch's local subnet (in this example, 10.1.2.0/24).
- Review the configuration summary that shows the firewall addresses, firewall address groups, a static route, and security policies.