Table of Contents
Advertisement
Virtual Private Networks (VPN)
6. Set the firewall zone for the IPsec tunnel. Generally this should be left at the default of ipsec.
(config vpn ipsec tunnel ipsec_example)> zone zone
(config vpn ipsec tunnel ipsec_example)>
To view a list of available zones:
(config vpn ipsec tunnel ipsec_example)> zone ?
Zone: The firewall zone assigned to this IPsec tunnel. This can be used by
packet filtering rules
and access control lists to restrict network traffic on this tunnel.
Format:
any
dynamic_routes
edge
external
hotspot
internal
ipsec
loopback
setup
Default value: ipsec
Current value: ipsec
(config vpn ipsec tunnel ipsec_example)>
7. Set the mode:
(config vpn ipsec tunnel ipsec_example)> mode mode
(config vpn ipsec tunnel ipsec_example)>
where mode is either:
tunnel: The entire IP packet is encrypted and/or authenticated and then encapsulated
n
as the payload in a new IP packet.
transport: Only the payload of the IP packet is encrypted and/or authenticated. The IP
n
header is unencrypted.
The default is tunnel.
8. Set the protocol:
(config vpn ipsec tunnel ipsec_example)> type protocol
(config vpn ipsec tunnel ipsec_example)>
where protocol is either:
esp (Encapsulating Security Payload): Provides encryption as well as authentication and
n
integrity.
ah (Authentication Header): Provides authentication and integrity only.
n
The default is esp.
TX54 User Guide
IPsec
301
Advertisement
Table of Contents
