Configuring VPN
Advanced Configuration of IPSec VPN
NOTE
Advanced Configuration of IPSec VPN
Cisco SA 500 Series Security Appliances Administration Guide
Next steps:
•
If you are using the Getting Started (Advanced) page, click Getting Started
in the menu bar and then click Advanced in the navigation tree to return to
the list of configuration tasks for IPsec VPN Remote Access.
•
Optionally, review and modify the default settings and policies. See
Advanced Configuration of IPSec VPN, page
•
For Cisco QuickVPN, you also must enable Remote Management. See
RMON (Remote Management), page
The following topics are helpful for users who want to review and modify the
settings that are created by the VPN Wizard.
•
Viewing the Basic Setting Defaults for IPSec VPN
•
Configuring the IKE Policies for IPSec VPN
•
Configuring the IPSec VPN Policies
Viewing the Basic Setting Defaults for IPSec VPN
To view the basic setting defaults that are configured by the Wizard, click VPN on
the menu bar, and then click IPSec > Basic Setting Defaults in the navigation tree.
Configuring the IKE Policies for IPSec VPN
The Internet Key Exchange (IKE) protocol is a negotiation protocol that includes an
encryption method to protect data and ensure privacy. It is also an authentication
method to verify the identity of devices that are trying to connect to your network.
You can create IKE policies to define the security parameters such as
authentication of the peer, encryption algorithms, etc. to be used in this process.
You can choose whether to authenticate users from the User Database (see
Configuring the User Database for the IPSec Remote Access
external authentication server such as a RADIUS server (by choosing the IPSec
Host option in the XAUTH field of this page.
157.
210.
VPN) or an
8
157