Virtual PrivateNetworks(VPN) IPsec
IX20 User Guide
498
(config vpn ipsec tunnel ipsec_example)> local id type ipv4_id
id
(config vpn ipsec tunnel ipsec_example)>
n
ipv6: The IDwill be interpreted as an IPv6 address and sent as an ID_IPV6_ADDR
IKEidentity.
Set an IPv6 formatted ID. Thiscan be a fully-qualified domain name or an IPv6
address.
(config vpn ipsec tunnel ipsec_example)> local id type ipv6_id
id
(config vpn ipsec tunnel ipsec_example)>
n
rfc822: The IDwill be interpreted as an RFC822 (email address).
Set the ID in internet email addressformat:
(config vpn ipsec tunnel ipsec_example)> local id type rfc822_id
id
(config vpn ipsec tunnel ipsec_example)>
n
fqdn: The IDwill be interpreted as FQDN (Fully Qualified Domain Name) and sent as
an ID_FQDN IKEidentity.
n
keyid: TheIDwill be interpreted as a Key IDand sent as an ID_KEY_IDIKEidentity.
Set the key ID:
(config vpn ipsec tunnel ipsec_example)> local id type keyid_id
id
(config vpn ipsec tunnel ipsec_example)>
n
mac_address: Thedevice's MAC addresswill be used for the Key IDand sent as an
ID_KEY_IDIKEidentity.
n
serial_number: The IDdevice's serial number will be used for the Key IDand sent
as an ID_KEY_IDIKEidentity.
14. Configure the remote endpoint:
a. Add a remote hostname:
(config vpn ipsec tunnel ipsec_example)> add remote hostname end value
(config vpn ipsec tunnel ipsec_example)>
where value is the hostname or IPv4 address of the IPsec peer. If your device is not
configured to initiate the IPsec connection (see ike initiate), you can also use the keyword
any, which means that the hostname isdynamic or unknown.
Repeat for additional hostnames.
b. Set the hostname selection type:
(config vpn ipsec tunnel ipsec_example)> remote hostname_selection
value
(config vpn ipsec tunnel ipsec_example)>
where value is one of:
To Next Page
Loading...