Table of Contents
Advertisement
Virtual Private Networks (VPN)
Depending on your device configuration, you may be presented with an Access selection
menu. Type admin to access the Admin CLI.
2. At the command line, type config to enter configuration mode:
> config
(config)>
3. Add an IPsec tunnel. For example, to add an IPsec tunnel named ipsec_example:
(config)> add vpn ipsec tunnel ipsec_example
(config vpn ipsec tunnel ipsec_example)>
The IPsec tunnel is enabled by default. To disable:
(config vpn ipsec tunnel ipsec_example)> enable false
(config vpn ipsec tunnel ipsec_example)>
4. (Optional) Set the tunnel to use UDP encapsulation even when it does not detect that NAT is
being used:
(config vpn ipsec tunnel ipsec_example)> force_udp_encap true
(config vpn ipsec tunnel ipsec_example)>
5. Set the firewall zone for the IPsec tunnel. Generally this should be left at the default of ipsec.
(config vpn ipsec tunnel ipsec_example)> zone zone
(config vpn ipsec tunnel ipsec_example)>
To view a list of available zones:
(config vpn ipsec tunnel ipsec_example)> zone ?
Zone: The firewall zone assigned to this IPsec tunnel. This can be used
by packet filtering rules
and access control lists to restrict network traffic on this tunnel.
Format:
any
dynamic_routes
edge
external
internal
ipsec
loopback
setup
Default value: ipsec
Current value: ipsec
(config vpn ipsec tunnel ipsec_example)>
Note
Depending on your network configuration, you may need to add a packet filtering rule to
allow incoming traffic. For example, for the IPsec zone:
IX30 User Guide
IPsec
350
Advertisement
Table of Contents
