• IP Pool : 192.168.189.30-192.168.189.50
• Netmask : 255.255.255.0
• DNS : 192.168.28.4
4. Click OK
B. Configure the IPsec tunnel:
1. Go to: Network > Interfaces and VPN > IPsec > Add > IPsec Tunnel
2. Now enter:
• Name: my_ikev2_client_tunnel
• Local Network: lannet
• Remote Network: all-nets
• Remote Endpoint: all-nets
• IKE Config Mode Pool: Static
3. Select IKE Settings and enter:
• Set the IKE Version to IKEv2
4. Select Authentication and enter:
• Enable the X.509 Certificate option
• For Gateway Certificate select my_host_cert
• For Root Certificate(s) add my_root_cert
• Enable the Require EAP for inbound IPsec tunnels option
• Enable the Request EAP ID option
5. Select Advanced and enter:
• Enable the Add route dynamically option
• Disable the Add route statically option
6. Click OK
C. Configure a RADIUS server for authentication:
1. Go to: Policies > User Authentication > RADIUS > Add > RADIUS Server
2. Now enter:
• Name: my_radius_server
• IP Address: 203.0.113.20
• Shared Secret: MYSHAREDRADIUSSECRETSTRING
Chapter 9: VPN
718
To Next Page
Loading...
