Digi LR54 User Manual page 457
Hide thumbs
Also See for LR54:
- User manual (931 pages) ,
- Hardware reference manual (21 pages) ,
- Quick start manual (2 pages)
Table of Contents
Advertisement
Virtual Private Networks (VPN)
The default is nine minutes.
i. Configure the types of encryption, hash, and Diffie-Hellman group to use during phase 1:
i. Add a phase 1 proposal:
(config vpn ipsec tunnel ipsec_example)> add ike phase1_proposal
end
(config vpn ipsec tunnel ipsec_example ike phase1_proposal 0)>
ii. Set the type of encryption to use during phase 1:
(config vpn ipsec tunnel ipsec_example ike phase1_proposal 0)>
cipher value
(config vpn ipsec tunnel ipsec_example ike phase1_proposal 0)>
where value is one of 3des, aes128, aes192, aes256, or null. The default is 3des.
iii. Set the type of hash to use during phase 1 to verify communication integrity:
(config vpn ipsec tunnel ipsec_example ike phase1_proposal 0)>
hash value
(config vpn ipsec tunnel ipsec_example ike phase1_proposal 0)>
where value is one of md5, sha1, sha256, sha384, or sha512. The default is sha1.
iv. Set the type of Diffie-Hellman group to use for key exchange during phase 1:
ii. Set the Diffie-Hellman group type:
The default is modp2048.
v. (Optional) Add additional phase 1 proposals:
ii. Add an additional proposal:
LR54 User Guide
i. Use the ? to determine available Diffie-Hellman group types:
(config vpn ipsec tunnel ipsec_example ike phase1_proposal 0)>
dh_group ?
curve25519
curve448
ecp192
ecp224
...
(config vpn ipsec tunnel ipsec_example ike phase1_proposal 0)>
(config vpn ipsec tunnel ipsec_example ike phase1_proposal 0)>
dh_group value
(config vpn ipsec tunnel ipsec_example ike phase1_proposal 0)>
i. Move back one level in the schema:
(config vpn ipsec tunnel ipsec_example ike phase1_proposal 0)>
..
(config vpn ipsec tunnel ipsec_example ike phase1_proposal)>
IPsec
457
Advertisement
Table of Contents
