Activating VPN packet rules
You must activate the VPN packet rules before you can start your VPN connections.
You cannot activate (or deactivate) packet rules when you have VPN connections running on your system. So, before you activate your VPN filter rules, ensure that there are no active connections associated with them.
If you created your VPN connections with the New Connection wizard, you can choose to have the associated rules activated, automatically, for you. Be aware that,
if there are other packet rules active on any of the interfaces you specify,
the VPN policy filter rules will replace them.
If you choose to activate your VPN generated rules by using the Packet Rules Editor, follow these steps:
- In iSeries™ Navigator, expand your system > Network > IP Policies.
- Right-click Packet Rules and select Activate.
This opens the Activate Packet Rules dialog box.
- Select whether you want to activate only the VPN generated rules,
only a selected file, or both the VPN generated rules and a selected file.
You might choose the latter, for instance, if you have miscellaneous PERMIT and DENY rules that you want to enforce on the interface in addition to the VPN generated rules.
- Select the interface on which you want the rules activated. You can choose to activate on a specific interface, on a point-to-point identifier,
or on all interfaces and all point-to-point identifiers.
- Click OK on the dialog box to confirm that you want to verify and activate the rules on the interface or interfaces you specified. After you click OK, the system checks the rules for syntax and semantic errors and reports the results in a message window at the bottom of the editor. For error messages that are associated with a specific file and line number, you can right-click the error and select Go To Line to highlight the error in the file.
After you activate your filter rules, you can start your VPN connection.
Parent topic:
Configuring VPN packet rules
Related concepts
Configuring VPN packet rules