SunScreen 3.1 Configuration Examples

General VPN Configuration

To configure a VPN with SunScreen requires several steps, in the following order:

  1. Install the SunScreen software on all Screens that are involved in the VPN, including remote Administration Stations, as applicable.

  2. Be sure each Screen is configured with its own local certificate.

    For example, certificates sf-screen1.cert and hk-screen1.cert.

  3. Add a certificate object to each Screen for every other Screen in the VPN.

  4. Create address objects (HOST, GROUP, or RANGE) on each Screen for any address in the VPN, including an address object for each Screen as well.

  5. Create policy rules under the VPN tab to define your VPN.

  6. Create policy rules under the Packet Filter tab to use your VPN.

  7. Save and activate your policy.