Table of Contents
Advertisement
■IKEv2 authentication method combined operation
In IKEv2, own device and peer device authentication must be set respectively. These authentication methods are
supported: pre-shared key authentication, EAP-MD5 authentication, and digital signature authentication.
*EAP-MD5 authentication is supported only for the side to be authenticated. Digital signature authentication is
supported only by the requester side.
The following shows the setting pattern in which IKEv2 authentication is established or not.
(1) Authentication pattern ①
The pattern is set only by pre-shared keys.
Own device
authentication
Authentication method:
Pre-shared key
Password: aaa
Peer device
authentication
Authentication method:
Pre-shared key
Password: aaa
(2) Authentication pattern ②
Pattern set with pre-shared key plus digital signature.
Own device
authentication
Authentication method:
Pre-shared key
Password: aaa
Peer device
authentication
Authentication method:
digital signature
File name: test.pem
Initiator
Device
Authentication is established as both an
Initiator and Responder (There is no
restriction on the starting direction)
Initiator
Device
・
Place a center router that can digitally
sign
・Authentication is established as both an
Initiator and Responder (There is no
restriction on the starting direction)
Responder
Own device
authentication
Authentication method:
Pre-shared key
Password: aaa
Device
Peer device
authentication
Authentication method:
Pre-shared key
Password: aaa
Responder
Own device
authentication
Authentication method:
digital signature
File name: test.pem
Other
Device
Peer device
authentication
Authentication method:
Pre-shared key
Password: aaa
|Setting/Setting Confirmation
225
Advertisement
Table of Contents
