Before going into the setup of each VPN technology in cOS Core, here is an overview of the common requirements:
- Define the Tunnel – First, the tunnel itself must be defined. cOS Core has various tunnel object types that are used to do this, such as an IPsec Tunnel object.
- A Route Must Exist – Before any traffic can flow into the tunnel, a route must be defined in a cOS Core routing table. This route tells cOS Core which network can be found at the other end of the tunnel so it knows which traffic to send into the tunnel. In most cases, this route is created automatically when the tunnel is defined and this can be checked by examining the routing tables. If a route is defined manually, the tunnel is treated exactly like a physical interface in the route properties, as it is in other aspects of cOS Core. In other words, the route is saying to cOS Core that a certain network is found at the other end of the tunnel.
- Define an IP Rule to Allow VPN Traffic – An IP rule must be defined that explicitly allows traffic to flow between a network and the tunnel. As with route definitions, the tunnel is treated exactly like a physical interface when defining the IP rule. IP rules are not created automatically when the tunnel object is defined. If no such rule exists, no traffic can flow through the tunnel and it is dropped instead.
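
The three requirements above can be checked together with a small model. The following is an added example, not cOS Core code or configuration syntax: it is a simplified Python sketch that assumes longest-prefix route lookup and top-down, first-match IP rules with a default drop. The interface names (`lan`, `ipsec_hq`) and networks are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Route:
    interface: str   # physical interface or tunnel object name
    network: str     # network found behind that interface

@dataclass
class IPRule:
    action: str      # "Allow" or "Drop"
    src_if: str
    src_net: str
    dst_if: str
    dst_net: str

def _in(ip, net):
    return ipaddress.ip_address(ip) in ipaddress.ip_network(net)

def evaluate(interfaces, routes, rules, src_if, src_ip, dst_ip):
    """Return (verdict, reason) for one new connection in this simplified model."""
    # Requirement 2: a route decides which interface (or tunnel) leads to dst_ip.
    matches = [r for r in routes if _in(dst_ip, r.network)]
    if not matches:
        return ("Drop", "no route to destination")
    route = max(matches, key=lambda r: ipaddress.ip_network(r.network).prefixlen)
    # Requirement 1: the tunnel object named by the route must be defined.
    if route.interface not in interfaces:
        return ("Drop", f"interface {route.interface} is not defined")
    # Requirement 3: an IP rule must allow it; the tunnel is matched like any interface.
    for rule in rules:
        if (rule.src_if == src_if and _in(src_ip, rule.src_net)
                and rule.dst_if == route.interface and _in(dst_ip, rule.dst_net)):
            return (rule.action, f"matched rule via {route.interface}")
    return ("Drop", "no IP rule allows this traffic")

# Constructed sample configuration: one LAN and one IPsec tunnel to a remote site.
INTERFACES = {"lan", "ipsec_hq"}
ROUTES = [Route("lan", "192.168.1.0/24"), Route("ipsec_hq", "10.0.0.0/24")]
ALLOW = IPRule("Allow", "lan", "192.168.1.0/24", "ipsec_hq", "10.0.0.0/24")

def demo():
    flow = ("lan", "192.168.1.10", "10.0.0.5")
    return {
        "tunnel_and_route_only": evaluate(INTERFACES, ROUTES, [], *flow),
        "with_ip_rule": evaluate(INTERFACES, ROUTES, [ALLOW], *flow),
        "route_missing": evaluate(INTERFACES, ROUTES[:1], [ALLOW], *flow),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```

The `tunnel_and_route_only` case is the one most often hit in practice: the tunnel and its route exist, yet the traffic is dropped because no IP rule was added.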