Secure connections for your site-to-site traffic are provided by secure tunnels across the Internet between two Locations, or a Location and a Corente Client or mobile device. Each pair of Locations (or Location/client) is referred to as a set of partners. Each Location can have multiple partners. To enable partners for a Location and define the parameters of the partnership, you can do the following:
Launch the Partners Wizard.
Access the Partners Tab for a Location.
Create a drag and drop tunnel.
To choose Location partners and establish secure tunnel connections in your application network, access the Partner tab of the Location form for each of your gateways.
Using the Partners tab enables you to enable advanced functionality that is not available when using the Partner Locations wizard, but you must remember to configure the Partners tab for each Location involved in the partnership. Location partnerships are reciprocal and must be defined on both sides of the partnership.
The Partners tab can also be used to configure an optional Internet firewall for your LAN and to limit which local and remote computers will have access to this Corente Services Gateway to perform such functions as monitoring it with SNMP or connecting to its Gateway Viewer application.
Use the following procedure to create tunnel connections using the Partners tab of the Location form.
Access the Location form for a gateway:
Right-click the Location icon in the map or domain directory and select Edit.
Double-click the Location name in the domain directory.
Select the Location name in the domain directory and then select the Edit option from the toolbar or the Edit menu.
The Location form will be displayed in a new window.
On the Location form, click the Partners tab. This tab is used to select the Locations, both Intranet and Extranet, and Corente Clients that will partner with this Location.
The main Partners tab presents a table of all partners that you have already added as well as four default partners: LAN to Internet Access, LAN to Location Access, DMZ to Internet Access, and LAN to DMZ Access. You may Edit or Delete any partner listed in the table.
This table also displays the following basic information about each partner:
Name: The name of the partner.
Type: The type of partner (Regular, Access, Extranet, or Client Group).
Status: The current status of the tunnel between this Location and the partner.
NAT: The NAT setting for the tunnel between this Location and the partner.
Conn Share: Whether or not Connection Sharing is enabled for this partnership.
Tubes: The number of tubes that are defined for this tunnel.
Transport: The protocol encapsulating the packets that travel between these partners over the secure tunnel (UDP or TCP). This is determined automatically by the Corente Services Gateway. UDP is the preferred protocol, as it performs better under conditions where there is packet loss, but TCP will be used in cases when UDP cannot.
Select the Add button on the main Partners tab. The Add Partner screen is displayed.
Begin by filling out the Connection to Partner section. This section enables you to choose a partner for this Location. To begin, you must choose one of the following types of partners:
Intranet: Locations that are within this Location's own domain.
Extranet: Locations from another domain that have been imported into this domain with the Extranet Imports and Exports feature, available in the domain directory, and have been permitted to contact this Location.
Client Groups: Groups of Corente Clients that were created with the Client Groups feature and have been permitted to access this Location.
Mobile User Groups: Groups of mobile users that were created with the Mobile User Groups feature and have been permitted to access this Location.
Third-Party Devices: Devices, such as a Cisco router, which have been created with the 3rd-Party Devices feature.
A third-party device which is configured as a backhaul server must be be the only partner for a Corente Services Gateway.
After selecting the type of partner you want to connect with this Location, select a Location (or a client group or third-party device) from the adjoining pull-down menu. If the Location has already enabled a connection to this Location on its Partners tab, the Connection Enabled by Partner checkbox will be checked. Note that connections to client groups are defined on the Location side of the partnership only, so this checkbox will always be checked when adding a client group as a partner.
Configure the settings on the Add Partner screen as appropriate and then enable at least one Tube on this partner connection.
When you are finished with the Partners tab, click OK to close the window. After you Save your changes, remember to access the Partners tab for the other Location partner and complete this process again. All Location partnerships are reciprocal.