Virtual Private Networks (VPN) IPsec
IX14 User Guide
iv. For Peer verification, select either:
- Peer certificate: For Peer certificate, paste the peer's X.509 certificate in
  PEM format.
- Certificate Authority: For Certificate Authority chain, paste the
  Certificate Authority (CA) certificates. These must include all peer
  certificates in the chain up to the root CA certificate, in PEM format.
15. (Optional) For Management Priority, set the management priority for this IPsec tunnel. A
tunnel that is up and has the highest priority will be used for central management and direct
device access.
16. (Optional) To configure the device to connect to its remote peer as an XAUTH client:
a. Click to expand XAUTH client.
b. Click Enable.
c. Type the Username and Password that the device will use to authenticate as an
XAUTH client with the peer.
17. (Optional) Click Enable MODECFG client to receive configuration information, such as the
private IP address, from the remote peer.
18. Click to expand Local endpoint.
a. For Type, select either:
- Default route: Uses the same network interface as the default route.
- Interface: Select the Interface to be used as the local endpoint.
b. Click to expand ID.
i. Select the ID type:
- Auto: The ID will be automatically determined from the value of the tunnel's
  endpoints.
- Raw: Enter an ID and have it passed unmodified to the underlying IPsec stack.
  For Raw ID value, type the ID that will be passed.
- Any: Any ID will be accepted.
- IPv4: The ID will be interpreted as an IP address and sent as an ID_IPV4_ADDR
  IKE identity.
  For IPv4 ID value, type an IPv4 formatted ID. This can be a fully-qualified
  domain name or an IPv4 address.
- IPv6: The ID will be interpreted as an IP address and sent as an ID_IPV6_ADDR
  IKE identity.
  For IPv6 ID value, type an IPv6 formatted ID. This can be a fully-qualified
  domain name or an IPv6 address.
- RFC822/Email: The ID will be interpreted as an RFC822 (email address).
  For RFC822 ID value, type the ID in internet email address format.
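
The Certificate Authority chain requirement in the Peer verification step above (every certificate up to the root CA, in PEM format) can be checked before pasting. The following Python sketch is an added example, not part of this guide or the device software; the function names are hypothetical, and it checks issuer/subject name chaining only, not signatures or validity dates.

```python
import base64
import re

# Added example: name chaining only; no signature or validity-date checks.
# Matches any PEM block; group 1 is the label, group 2 the base64 body.
PEM_RE = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", re.S)

def _tlv(buf, pos):
    """Read the DER TLV at pos; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long-form length
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def issuer_subject(der):
    """Return the raw DER issuer and subject Names of an X.509 certificate."""
    _, pos, _ = _tlv(der, 0)                # Certificate SEQUENCE
    _, pos, _ = _tlv(der, pos)              # tbsCertificate SEQUENCE
    tag, _, end = _tlv(der, pos)
    if tag == 0xA0:                         # optional [0] version field
        pos = end
    fields = []
    for _ in range(5):                      # serial, sigAlg, issuer, validity, subject
        start = pos
        _, _, pos = _tlv(der, pos)
        fields.append(der[start:pos])
    return fields[2], fields[4]

def check_ca_bundle(pem_text):
    """Return a list of problems found in a pasted CA chain (empty list = none)."""
    problems, names = [], []
    for label, body in PEM_RE.findall(pem_text):
        if label != "CERTIFICATE":          # e.g. a private key pasted by mistake
            problems.append(f"unexpected PEM block: {label}")
            continue
        names.append(issuer_subject(base64.b64decode(body)))
    if not names:
        problems.append("no CERTIFICATE blocks found")
    subjects = {subject for _, subject in names}
    if names and not any(issuer == subject for issuer, subject in names):
        problems.append("no self-issued root CA certificate in bundle")
    for i, (issuer, _) in enumerate(names, 1):
        if issuer not in subjects:
            problems.append(f"certificate {i}: issuer certificate missing from bundle")
    return problems
```

Call `check_ca_bundle()` on the text you intend to paste; an empty list means every certificate's issuer is present and a self-issued root is included.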