Chapter 11. Site-to-Site VPN

This chapter is designed to be a practical guide to planning and configuring site-to-site Virtual Private Networks (VPNs) with FireWall-1. I briefly cover a few key terms and concepts and jump right into what can be done in FireWall-1 and how to do it. This chapter is not meant to comprehensively cover encryption or encryption technologies.

By the end of this chapter, you should be able to do the following:

  • Plan for a VPN

  • Determine which key exchange and encryption schemes FireWall-1 uses

  • Set up a VPN with FireWall-1

  • Understand what a gateway cluster is and what functions it provides

  • Troubleshoot VPN problems