Table of Contents
Advertisement
5 - 334 WiNG 5.7.1 Access Point System Reference Guide
3. Select a target device from the device browser in the lower, left-hand, side of the UI.
4. Select
Security
5. Select
Auto IPSec Tunnel
6. Refer to the following table to override the Auto IPSec tunnel settings:
Group ID
Authentication Type
Authentication Key
IKE Version
Enable NAT after IPSec
Use Unique ID
Re-Authentication
IKE Life Time
7. Select
OK
to save the updates made to the
configuration.
to expand its sub menu options.
to configure its parameters.
Figure 5-221 Device Overrides - Security – Auto IPSec Tunnel screen
Configure the ID string used for IKE authentication. String length can be between 1-64
characters
Set the IPSec Authentication Type. Options include PSK (Pre Shared Key) or rsa.
Set the common key for authentication between the remote tunnel peer. Key length is
between 8-21 characters
Configure the IKE version to use. The available options are ikev1-main, ikev1-aggr and
ikev2.
Select this option to enable NAT after IPSec. Enable this if there are NATted networks
behind VPN tunnels.
In scenarios where different access points behind different NAT boxes/routers have the
same IP address, it is not possible to create a tunnel between the wireless controller
and access point, as the wireless controller fails to identify the access point uniquely.
When selected, each access point behind a same NAT box/router will have an unique
ID which is used to create the VPN tunnel.
Select this option to re-authenticate the key on a IKE rekey. This setting is disabled by
default.
Set a lifetime in either Seconds (600 - 86,400), Minutes (10 - 1,440), Hours (1 - 24) or
Days (1) for IKE security association duration. The default is 8600 seconds.
Auto IPSec Tunnel
screen. Selecting
Reset
reverts the screen to its last saved
Hide quick links:
Advertisement
Table of Contents
