Tip

This is the documentation for the 22.06 version. Looking for the documentation of the latest version? Have a look here.

TNSR Remote Office With Existing IPsec HubΒΆ

In this example, remote offices with a Netgate SG-5100 running TNSR will be configured for site-to-site VPN to an existing IPsec Head-End at a central headquarters location.

Workers at remote offices will need Direct Internet Access (DIA) and corporate intranet access from their location using IPSec IKEv2 with Pre-Shared Key and secured crypto methods (AES128/SHA1/DH2048). Direct Internet Access also needs to be made available to a guest network through distinct VLANs so that guest and staff devices can be isolated.

The TNSR Remote Office Deployment will be completed in the following high level steps: