Table of Contents
Advertisement
Virtual Private Networks (VPN)
The default is modp2048.
v. (Optional) Add additional phase 1 proposals:
ii. Add an additional proposal:
iii. Repeat to add more phase 1 proposals.
j. Configure the types of encryption, hash, and Diffie-Hellman group to use during phase 2:
i. Move back two levels in the schema:
(config vpn ipsec tunnel ipsec_example ike phase1_proposal 0)> ..
..
(config vpn ipsec tunnel ipsec_example ike)>
ii. Add a phase 2 proposal:
(config vpn ipsec tunnel ipsec_example ike)> add ike phase2_
proposal end
(config vpn ipsec tunnel ipsec_example ike phase2_proposal 0)>
iii. Set the type of encryption to use during phase 2:
(config vpn ipsec tunnel ipsec_example ike phase2_proposal 0)>
cipher value
(config vpn ipsec tunnel ipsec_example ike phase2_proposal 0)>
where value is one of:
IX10 User Guide
(config vpn ipsec tunnel ipsec_example ike phase1_proposal 0)>
dh_group value
(config vpn ipsec tunnel ipsec_example ike phase1_proposal 0)>
i. Move back one level in the schema:
(config vpn ipsec tunnel ipsec_example ike phase1_proposal 0)>
..
(config vpn ipsec tunnel ipsec_example ike phase1_proposal)>
(config vpn ipsec tunnel ipsec_example ike phase1_proposal)>
add end
(config vpn ipsec tunnel ipsec_example ike phase1_proposal 1)>
Repeat the above steps to set the type of encryption, hash, and Diffie-Hellman
group for the additional proposal.
3des
n
aes128
n
aes128gcm128
n
aes128gcm64
n
aes128gcm96
n
aes192
n
aes192gcm128
n
aes192gcm64
n
IPsec
331
Advertisement
Table of Contents
