Site-to-Site VPN Configuration Information Checklist

When setting up a Site-to-Site VPN configuration, several pieces of information are needed to ensure a smooth and secure connection. Here's a list of essential information required for the configuration:

  • Make and Model of the Firewalls:
    • The specific brand and model of the firewall devices.
  • Peer IP Address:
    • The public IP address of the remote firewall with which you are establishing the VPN connection.
  • Internal Subnets:
    • Define the internal subnets on each network that need to be accessible over the VPN.
    • If you want to restrict access to certain parts of your internal network, specify the subnets or IP ranges you want to expose rather than the entire network.
  • FQDN and IP Addresses of Resources:
    • List the Fully Qualified Domain Names (FQDN) and their corresponding IP addresses of the network resources (servers, services, applications) that users need to access over the VPN. This information is essential for routing and access control configurations.
    • This may include file servers, web applications, or any other services hosted on the internal network.
  • Preferred Encryption Type:
    • Specify the encryption protocol and algorithms you want to use for securing the VPN connection. Common options include:
      • Encryption Protocol (e.g., IPsec, SSL/TLS).
      • Encryption Algorithms (e.g., AES-256, 3DES).
      • Hash Algorithms (e.g., SHA-256, MD5).
      • Authentication Methods (e.g., Pre-shared key, X.509 certificates).
      • Diffie-Hellman Group for key exchange.
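
Before handing the collected details to whoever configures the tunnel, it helps to sanity-check them. The script below is an added example, not part of the original checklist: it validates a completed checklist for private peer IPs, overlapping or over-broad subnets, resources outside the listed subnets, and weak algorithm choices. The dictionary field names and the sample values are assumptions made for the example.

```python
import ipaddress

# Hypothetical checklist schema (field names are assumptions of this example).
# SAMPLE is constructed; peer IPs use documentation/private ranges.
SAMPLE = {
    "local":  {"peer_ip": "198.51.100.10", "subnets": ["10.10.0.0/16"]},
    "remote": {"peer_ip": "192.168.1.1", "subnets": ["10.10.20.0/24"]},
    "resources": {"files.example.internal": "10.10.5.20",
                  "app.example.internal": "172.16.9.4"},
    "crypto": {"encryption": "3DES", "hash": "SHA-256"},
}

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Options from the checklist that this example treats as weak:
# 3DES has a 64-bit block, MD5 is collision-broken.
WEAK = {"encryption": {"3DES"}, "hash": {"MD5"}}

def validate_checklist(c):
    """Return a list of problems found in a completed checklist."""
    problems, nets = [], {}
    for site in ("local", "remote"):
        peer = ipaddress.ip_address(c[site]["peer_ip"])
        if any(peer in n for n in RFC1918):
            problems.append(f"{site}: peer IP {peer} is private, not public")
        nets[site] = [ipaddress.ip_network(s) for s in c[site]["subnets"]]
        for n in nets[site]:
            if n.prefixlen == 0:
                problems.append(f"{site}: {n} exposes the entire network")
    # Overlapping local/remote ranges need NAT or renumbering to be routable.
    for a in nets["local"]:
        for b in nets["remote"]:
            if a.overlaps(b):
                problems.append(f"subnets overlap: {a} and {b}")
    # Every listed resource must sit inside a subnet carried by the VPN.
    for fqdn, ip in c["resources"].items():
        addr = ipaddress.ip_address(ip)
        if not any(addr in n for n in nets["local"] + nets["remote"]):
            problems.append(f"{fqdn} ({ip}) is outside every listed subnet")
    for kind, weak in WEAK.items():
        if c["crypto"][kind].upper() in weak:
            problems.append(f"{kind}: {c['crypto'][kind]} is a weak choice")
    return problems

if __name__ == "__main__":
    for p in validate_checklist(SAMPLE):
        print(p)
```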
