IPsec parameters
Digi TransPort User Guide 395
IPsec Tunnels > IPsec n parameters
Once the IKE parameters have been set-up, the next stage is to define the characteristics of the
IPsec tunnels, or encrypted routes. This includes items such as what source and destination
addresses will be connected by the tunnel and what type of encryption and authentication
procedures will be applied to the packets being tunneled. For obvious reasons it is essential that
parameters such as encryption and authentication are the same at each end of the tunnel. If they
are not, then the two systems will not be able to agree on what set of rules or policy to adopt for
the IPsec tunnel and communication cannot take place.
Description
This parameter allows you to enter a name for IPsec tunnel to make it easier to identify.
The IP address or hostname of the remote unit
The IP address or hostname of the remote IPsec peer that a VPN will be initiated to.
Use a.b.c.d as a backup unit
The IP address or hostname of a backup peer. If the router cannot open a connection to the
primary peer, this configuration will be used. Please note that the backup peer device must
have an identical IPsec tunnel configuration as the primary peer.
Use these settings for the local LAN
These define the local LAN subnet settings used on the IPsec tunnel.
IP Address
Use this IP address for the local LAN subnet. This is usually the IP address of the router’s
Ethernet interface or that of a specific device on the local subnet (such as a PC running a client
or host application).
Mask
Use this IP mask for the local LAN subnet. The mask sets the range of IP addresses that will be
allowed to use the IPsec tunnel.
Use interface x,y
Use the IP address and mask of the specified interface.
Use these settings for the remote LAN
These define the remote LAN subnet settings used on the IPsec tunnel.
To Next Page
Loading...
