Table of Contents
Advertisement
Figure 7-9: Configuration | System | Tunneling Protocols | IPSec LAN-to-LAN | Add | Done screen
OK
To close this screen and return to the Configuration | System | Tunneling Protocols | IPSec LAN-to-LAN screen,
click OK . The LAN-to-LAN Connection list shows the new connection, and the Manager includes all the new
settings in the active configuration.
Reminder:
To save the active configuration and make it the boot configuration, click the Save Needed icon at the
top of the Manager window.
Configuration | System | Tunneling Protocols | IPSec |
IKE Proposals
This section of the Manager lets you configure, add, modify, activate, deactivate, delete, and prioritize
IKE proposals, which are sets of parameters for Phase 1 IPSec negotiations. During Phase 1, the two
peers establish a secure tunnel within which they then negotiate the Phase 2 parameters.
The VPN Concentrator uses IKE proposals both as initiator and responder in IPSec negotiations. In
LAN-to-LAN connections, the VPN Concentrator can function as initiator or responder. In
client-to-LAN connections, the VPN Concentrator functions only as responder.
You must configure, activate, and prioritize IKE proposals before you configure IPSec Security
Associations. See Configuration | Policy Management | Traffic Management | Security Associations , or click the
Security Associations link on this screen.
You must also configure and activate IKE proposals before configuring IPSec LAN-to-LAN
connections. See Configuration | System | Tunneling Protocols | IPSec LAN-to-LAN above.
You can configure a maximum of 25 IKE proposals total (active and inactive).
VPN 3000 Concentrator Series User Guide
Configuration | System | Tunneling Protocols | IPSec | IKE Proposals
7-19
Hide quick links:
Advertisement
Table of Contents
