Digi TX54 User Manual page 406

Hide thumbs Also See for TX54:

User manual (1049 pages)

User manual (800 pages)

page of 1087

/ 1087
Contents
Table of Contents
Bookmarks

Table of Contents

Virtual Private Networks (VPN)

12. Select the Mode, either:

Tunnel mode: The entire IP packet is encrypted and/or authenticated and then

encapsulated as the payload in a new IP packet.

Transport mode: Only the payload of the IP packet is encrypted and/or authenticated.

The IP header is unencrypted.

13. Select the Protocol, either:

ESP (Encapsulating Security Payload): Provides encryption as well as authentication

and integrity.

AH (Authentication Header): Provides authentication and integrity only.

14. Click to expand Authentication.

a. For Authentication type, select one of the following:

TX54 User Guide

Pre-shared key: Uses a pre-shared key (PSK) to authenticate with the remote peer.

i. Type the Pre-shared key.

Asymmetric pre-shared keys: Uses asymmetric pre-shared keys to authenticate

with the remote peer.

i. For Local key, type the local pre-shared key. This must be the same as the

remote key on the remote host.

ii. For Remote key, type the remote pre-shared key. This must be the same as

the local key on the remote host.

RSA signature: Uses a private RSA key to authenticate with the remote peer.

i. For Private key, paste the device's private RSA key in PEM format.

ii. Type the Private key passphrase that is used to decrypt the private key.

Leave blank if the private key is not encrypted.

iii. For Peer public key, paste the peer's public RSA key in PEM format.

SCEP certificates: Uses Simple Certificate Enrollment Protocol (SCEP) to download

a private key, certificates, and an optional Certificate Revocation List (CRL) to the

TX54 device from a SCEP server.

You must create the SCEP client prior to configuring the IPsec tunnel. See

a Simple Certificate Enrollment Protocol client

i. For SCEP Client, select the SCEP client.

X.509 certificate: Uses private key and X.509 certificates to authenticate with the

remote peer.

i. For Private key, paste the device's private RSA key in PEM format.

ii. Type the Private key passphrase that is used to decrypt the private key.

Leave blank if the private key is not encrypted.

iii. For Certificate, paste the local X.509 certificate in PEM format.

for instructions.

Digi TX54 User Manual page 406

Related Manuals for Digi TX54

Related Products for Digi TX54

This manual is also suitable for:

Table of Contents