Virtual Private Networks (VPN) IPsec
Digi Connect IT® 16/48 User Guide
250
(config vpn ipsec tunnel ipsec_example)> remote id ipv4_id id
(config vpn ipsec tunnel ipsec_example)>
n ipv6: The ID will be interpreted as an IPv6 address and sent as an ID_IPV6_ADDR
IKE identity.
Set an IPv6 formatted ID. This can be a fully-qualified domain name or an IPv6
address.
(config vpn ipsec tunnel ipsec_example)> remote id ipv6_id id
(config vpn ipsec tunnel ipsec_example)>
n rfc822: The ID will be interpreted as an RFC822 (email address).
Set the IDin internet email address format:
(config vpn ipsec tunnel ipsec_example)> remote id rfc822_id id
(config vpn ipsec tunnel ipsec_example)>
n fqdn: The ID will be interpreted as FQDN (Fully Qualified Domain Name) and sent as
an ID_FQDN IKE identity.
Set the IDas an FQDN:
(config vpn ipsec tunnel ipsec_example)> remote id rfc822_id id
(config vpn ipsec tunnel ipsec_example)>
n keyid: The ID will be interpreted as a Key ID and sent as an ID_KEY_ID IKE identity.
Set the key ID:
(config vpn ipsec tunnel ipsec_example)> remote id keyid_id id
(config vpn ipsec tunnel ipsec_example)>
15. Configure IKE settings:
a. Set the IKE version:
(config vpn ipsec tunnel ipsec_example)> ike version value
(config vpn ipsec tunnel ipsec_example)>
where value is either ikev1 or ikev2. This setting must match the peer's IKE version.
b. Determine whether the device should initiate the key exchange, rather than waiting for an
incoming request. By default, the device will initiate the key exchange. This must be
disabled if remote hostname is set to any. To disable:
(config vpn ipsec tunnel ipsec_example)> ike initiate false
(config vpn ipsec tunnel ipsec_example)>
c. Set the IKE phase 1 mode:
(config vpn ipsec tunnel ipsec_example)> ike mode value
(config vpn ipsec tunnel ipsec_example)>
where value is either aggressive or main.
To Next Page
Loading...
Need help?
General