AirWave Wireless Management Suite | Configuration Guide Aruba Configuration Reference | 167
Click Add to create the VPN Services > IKE profile, or click Save to retain the changes to an existing IKE
profile. The profile appears on the
Advanced Services > VPN Services > IKE page.
Advanced Services > VPN Services > L2TP
The combination of Layer-2 Tunneling Protocol and Internet Protocol Security (L2TP/IPSec) is a highly
secure technology that enables VPN connections across public networks such as the Internet. L2TP/IPSec
provides both a logical transport mechanism on which to transmit PPP frames as well as tunneling or
encapsulation so that the PPP frames can be sent across an IP network. L2TP/IPSec relies on the PPP
connection process to perform user authentication and protocol configuration. With L2TP/IPSec, the user
authentication process is encrypted using the Data Encryption Standard (DES) or Triple DES (3DES)
algorithm.
L2TP/IPSec requires two levels of authentication:
z Computer-level authentication with a preshared key to create the IPSec security associations (SAs) to
protect the L2TP-encapsulated data.
z User-level authentication through a PPP-based authentication protocol using passwords, SecureID,
digital certificates, or smart cards after successful creation of the SAs.
Navigate to
Advanced Services > VPN Services > L2TP page from the Aruba Configuration navigation pane.
This page lists all L2TP profiles that are currently available. Click Add to create a new
L2TP profile, or click
the pencil icon next to an existing profile to modify settings. The
Advanced Services > VPN Services > L2TP
Add/Edit Details
page contains the following fields, as described in Table 79.
IKE Shared Secrets
Add N/A Click this button to add an IKE shared secret. The following settings
appear. Complete these settings and click Add in this section.
z Subnet—Enter the subnet for the shared secret.
z Subnet Mask—Enter the subnet mask for the shared secret.
z IKE Shared Secret—Type the shared secret, and confirm.
IKE Policies
Add N/A Click this button to add a new IKE policy. The following settings appear.
Complete these settings and click Add in this section.
z Priority—Type the priority number of this IKE policy.
z Encryption—From the drop-down menu, select the encryption type to
be supported in the IKE policy.
z Hash Algorithm—Select the hash algorithm for this IKE policy.
z Authentication—Select the authentication type to be supported in this
IKE policy.
z Diffie-Hellman Group—Select the bit-level to be supported.
z Lifetime (300-86400 sec)—Define the lifetime, in seconds, for the IKE
policy.
Once one or more policies are added, select the policy to apply to the VPN
Services > IKE profile being configured.
Table 78 Advanced Services > VPN Services > L2TP Add/Edit Details Field Descriptions
Field Default Description
General Settings
Table 77 Advanced Services > VPN Services > IKE Add/Edit Detail Field Descriptions (Continued)
Field Default Description
To Next Page
Loading...
