IPsec parameters
Digi TransPort User Guide 397
Our ID
When Aggressive mode is On, this parameter is a string of up to 20 characters. It is sent to the
remote peer to identify the initiator (such as the router). The variable %s can be used in this
parameter which will cause the router’s serial number to be sent. It can be prefixed with other
text if required.
When certificates are being used, this parameter should be configured with the Altname field
in a valid certificate held on the router.
Our ID type
Defines how the remote peer is to process the Our ID configuration.
Remote ID
When Aggressive mode is On, this parameter is a string of up to 20 characters, used to identify
the remote peer. It should contain the same text as the Our ID parameter in the remote peer’s
configuration. When Aggressive mode is Off, this parameter must be the IP address of the
remote peer.
RSA Key File
This parameter can be used to override the private key filename in the IKE configuration. It is
only used when RSA Signatures (Certificates) are being used for the authentication stage of
the IKE negotiation.
Use enc encryption on this tunnel
The ESP encryption protocol to use with this IPsec tunnel. The options are:
• No (None)
•Null
•DES
•3DES
• AES (128 bit keys)
• AES (192 bit keys)
• AES (256 bit keys)
If the dropdown options only display None and Null, the router requires encryption enabling.
See your Digi sales contact regarding enabling encryption.
ID type Description
IKE ID The Our ID parameter is a simple key ID (such as vpnclient1).
FQDN The Our ID parameter is a Fully Qualified Domain Name (such as
vpnclient1.anycompany.com)
User FQDN The Our ID parameter is a Fully Qualified Domain Name with a user element
(such as joe.bloggs@anycompany.com)
IPv4 Address An IPv4 Address in dotted decimal notation.
To Next Page
Loading...
