Table of Contents
Advertisement
ACS v6000 Installation/Administration/User Guide
26
Use the Add button to add a VPN connection or click on an existing connection name to edit
one already in the list. Click the Delete button to delete an existing connection. If NAT
settings need to be changed, click the Configure NAT button.
When you click the Add button, the IPSec(VPN) - Add screen is displayed.
NOTE: To run IPSec (VPN), you must enable IPSec under the custom Security Profile.
The remote gateway is referred to as the remote or right host and the virtual console server is
referred to as the local or left host. If left and right are not directly connected, then you must
also specify a NextHop IP address.
The next hop for the remote or right host is the IP address of the router to which the remote
host or gateway running IPSec sends packets when delivering them to the left host. The next
hop for the left host is the IP address of the router to which the virtual console server sends
packets to for delivery to the right host.
A Fully Qualified Domain Name should be indicated in the ID fields for both the Local (Left)
host and the Remote (Right) host where the IPSec negotiation takes place.
The following table describes the fields and options on the IPSec(VPN) - Add screen. The
information must match exactly on both ends for local and remote.
Table 3.4: Field and Menu Options for Configuring IPSec(VPN)
Field Name
Connection Name
Authentication Protocol
Boot Action
Authentication Method
Definition
Any descriptive name you wish to use to identify this connection.
The authentication protocol used, either ESP (Encapsulating Security
Payload) or AH (Authentication Header).
The boot action configured for the host, either Ignore, Add or Start.
Authentication method used, either RSA Public Keys or Shared Secret.
Advertisement
Table of Contents
