1. Manuals
  2. Brands
  3. Cisco Manuals
  4. Network Hardware
  5. WS-CE500 - Catalyst Express 500-24PC
  6. Administration manual

Cisco WS-CE500 Administration Manual page 152

Sa500 series small business security appliances
Hide thumbs
Table of Contents

Advertisement

Configuring VPN
Advanced Configuration of IPsec VPN
STEP 7
STEP 8
NOTE
Cisco SA500 Series Security Appliances Administration Guide
Encryption Algorithm: Choose the algorithm that is used to encrypt the
data.
Integrity Algorithm: Choose the algorithm that is used to verify the integrity
of the data.
PFS Key Group: Check this box to enable Perfect Forward Secrecy (PFS) to
improve security. While this option is slower, it ensures that a Diffie-Hellman
exchange is performed for every phase-2 negotiation.
Select IKE Policy: Choose the IKE policy to define the characteristics of
phase-1 of the negotiation.
page
144.
In the Redundant VPN Gateway Parameters area, enter the following information
to create a backup policy for this policy:
Enable Redundant Gateway for this policy?: Check this box to make a
backup policy for this policy. When the tunnel for this policy is down, the
backup tunnel automatically becomes active.
Select Back- up Policy: Choose a policy to act as a backup of this policy.
This list includes only those policies that can be configured as back up
policies.
A backup policy should meet the following conditions:
NOTE
1. The Type should be Auto.
2. The DPD should be enabled.
3. The Direction should be either initiator or both.
4. The XAuth configuration should be None or IPsec Host.
5. The policy should be Gateway only, not client.
Failback time to switch from back-up to primary: Enter the number of
seconds that must pass to confirm that primary tunnel has recovered from a
failure. If the primary tunnel is up for the specified number of seconds, the
security appliance will switch to the primary tunnel by disabling the backup
tunnel.
Click Apply to save your settings.
Next steps:
To view the status of the VPN tunnels, click Status > VPN Status > IPsec
Status. For more information, see
To view IPsec VPN logs, click Status > View Logs > IPsec VPN Logs. For
more information, see
Configuring the IKE Policies for IPsec VPN,
IPsec VPN Status, page
IPsec VPN Logs, page
210.
215.
7
152

Advertisement

Table of Contents
loading

Related Manuals for Cisco WS-CE500

Related Products for Cisco WS-CE500

This manual is also suitable for:

Esw-540-24 - small business pro switchEsw-540-48 - small business pro switchWs-ce500-24lc - catalyst express switchWs-ce500-24pc - catalyst express 500-24pc switchWs-ce500-24tt - catalyst express switchWs-ce500g-12tc - catalyst express 500g-12tc ... Show all

Table of Contents