Virtual Private Networks (VPN) IPsec
IX20 User Guide
■ esp (Encapsulating Security Payload): Provides encryption as well as authentication and integrity.
■ ah (Authentication Header): Provides authentication and integrity only.
The default is esp.
9. (Optional) Set the management priority for this IPsec tunnel:
(config vpn ipsec tunnel ipsec_example)> mgmt value
(config vpn ipsec tunnel ipsec_example)>
where value is any integer between 0 and 1000.
10. Set the authentication type:
(config vpn ipsec tunnel ipsec_example)> auth type value
(config vpn ipsec tunnel ipsec_example)>
where value is one of:
■ secret: Uses a pre-shared key (PSK) to authenticate with the remote peer.
a. Set the pre-shared key:
(config vpn ipsec tunnel ipsec_example)> auth secret key
(config vpn ipsec tunnel ipsec_example)>
■ asymmetric-secrets: Uses asymmetric pre-shared keys to authenticate with the remote peer.
a. Set the local pre-shared key. This must be the same as the remote key on the remote host:
(config vpn ipsec tunnel ipsec_example)> auth local_secret key
(config vpn ipsec tunnel ipsec_example)>
b. Set the remote pre-shared key. This must be the same as the local key on the remote host:
(config vpn ipsec tunnel ipsec_example)> auth remote_secret key
(config vpn ipsec tunnel ipsec_example)>
■ rsasig: Uses a private RSA key to authenticate with the remote peer.
a. For the private_key parameter, paste the device's private RSA key in PEM format:
(config vpn ipsec tunnel ipsec_example)> auth private_key key
(config vpn ipsec tunnel ipsec_example)>
b. Set the private key passphrase that is used to decrypt the private key. Leave blank if the private key is not encrypted.
(config vpn ipsec tunnel ipsec_example)> auth private_key_passphrase passphrase
(config vpn ipsec tunnel ipsec_example)>
c. For the peer_public_key parameter, paste the peer's public RSA key in PEM
format: