Virtual Private Networks (VPN) IPsec
Digi Connect IT® 4 User Guide
312
10. For Metric, enter or select the priority of routes associated with this IPsec tunnel. When more
than one active route matches a destination, the route with the lowest metric is used.
The metric can also be used in tandem with SureLink to configure IPsec failover behavior. See
Configure IPsec failover for more information.
11. For Mode, select Tunnel mode. Transport mode is not currently supported.
12. Select the Mode, either:
n Tunnel mode: The entire IP packet is encrypted and/or authenticated and then
encapsulated as the payload in a new IP packet.
n Transport mode: Only the payload of the IP packet is encrypted and/or authenticated.
The IP header is unencrypted.
13. Select the Protocol, either:
n ESP (Encapsulating Security Payload): Provides encryption as well as authentication and
integrity.
n AH (Authentication Header): Provides authentication and integrity only.
14. Strict routing is disabled by default. Toggle on to enable.
Strict routing makes IPsec behave like a policy-based VPN, rather than a route-based VPN.
15. Click to expand Authentication.
a. For Authentication type, select one of the following:
n Pre-shared key: Uses a pre-shared key (PSK) to authenticate with the remote
peer.
i. Type the Pre-shared key.
n Asymmetric pre-shared keys: Uses asymmetric pre-shared keys to authenticate
with the remote peer.
i. For Local key, type the local pre-shared key. This must be the same as the
remote key on the remote host.
ii. For Remote key, type the remote pre-shared key. This must be the same as
the local key on the remote host.
To Next Page
Loading...
