SmartFlex
Continued from previous page
Item Description
Authenticate Mode Specifies the means by which the router authenticates:
• Pre-shared key – Sets the shared key for both sides of the
tunnel.
• X.509 Certificate – Allows X.509 authentication in multi-
client mode.
Pre-shared Key Specifies the shared key for both sides of the tunnel. The prereq-
uisite for entering a key is that you select pre-shared key as the
authentication mode.
CA Certificate Certificate for X.509 authentication.
Remote Certificate Certificate for X.509 authentication.
Local Certificate Certificate for X.509 authentication.
Local Private Key Private key for X.509 authentication.
Local Passphrase Passphrase used during private key generation.
Debug Choose the level of verbosity to System Log. Silent (default),
audit, control, control-more, raw, private (most verbose includ-
ing the private keys). See strongSwan documentation for more
details.
Table 42: IPsec Tunnel Configuration
Do not miss:
• If local and remote subnets are not configured then only packets between local and
remote IP address are encapsulated, so only communication between two routers
is encrypted.
• If protocol/port fields are configured then only packets matching these settings are
encapsulated.
The following procedure describes how to generate certificates and keys without a pass-
word phrase:
82
To Next Page
Loading...
Need help?
General