Configuring The Ike Policies For Ipsec Vpn - Cisco QuickVPN - PC Administration Manual

Configuring VPN
Advanced Configuration of IPSec VPN
NOTE
STEP 1
STEP 2
STEP 3
Cisco SA 500 Series Security Appliances Administration Guide

Configuring the IKE Policies for IPSec VPN

The Internet Key Exchange (IKE) protocol is a negotiation protocol that includes an
encryption method to protect data and ensure privacy. It is also an authentication
method to verify the identity of devices that are trying to connect to your network.
You can create IKE policies to define the security parameters such as
authentication of the peer, encryption algorithms, etc. to be used in this process.
You can choose whether to authenticate users from the User Database (see
Configuring the User Database for the IPSec Remote Access VPN, page
or an external authentication server such as a RADIUS server (by choosing the
IPSec Host option in the XAUTH field of this page).
The VPN Wizard is the recommended method to create the corresponding IKE and
VPN policies for a VPN tunnel. After the Wizard creates the matching IKE and VPN
policies, you can make changes, as needed. Advanced users can create an IKE
policy from Add but must be sure to use compatible encryption, authentication, and
key-group parameters for the VPN policy.
Click VPN on the menu bar, and then click IPSec > IKE Policies in the navigation
tree. The existing entries appear in the List of IKE Policies table.
The IKE Policies page appears. Any existing policies are listed in the List of IKE
Policies table.
Click Edit to edit an entry.
Other options: Click Add to add an entry. To delete an entry, check the box,
NOTE
and then click Delete. To select all entries, check the box in the first column
of the table heading.
After you click Add or Edit, the IKE Policy Configuration page appears.
In the General area, enter the following information:
• Policy Name: Enter a unique name for identification and management
purposes.
8
159)
162