To configure the security zone rules, create an ISAKMP port profile:
esr(config)# object-group service ISAKMP
esr(config-addr-set)# port-range 500
esr(config-addr-set)# exit
Create an IKE protocol profile. In the profile, select Diffie-Hellman group 2, the AES 128-bit encryption
algorithm and the MD5 authentication algorithm. These security parameters are used to protect the IKE
connection:
esr(config)# security ike proposal ike_prop1
esr(config-ike-proposal)# dh-group 2
esr(config-ike-proposal)# authentication algorithm md5
esr(config-ike-proposal)# encryption algorithm aes128
esr(config-ike-proposal)# exit
esr(config)#
Create an IKE protocol policy. For the policy, specify the list of IKE protocol profiles that may be used for
node and authentication key negotiation:
esr(config)# security ike policy ike_pol1
esr(config-ike-policy)# pre-shared-key hexadecimal 123FFF
esr(config-ike-policy)# proposal ike_prop1
esr(config-ike-policy)# exit
Create an IKE protocol gateway. For this profile, specify the VTI tunnel, policy, protocol version and mode of
traffic redirection into the tunnel:
esr(config)# security ike gateway ike_gw1
esr(config-ike-gw)# ike-policy ike_pol1
esr(config-ike-gw)# remote address 198.51.100.1
esr(config-ike-gw)# remote network 10.0.0.0/16
esr(config-ike-gw)# local address 203.0.113.1
esr(config-ike-gw)# local network 192.0.2.0/24
esr(config-ike-gw)# mode policy-based
esr(config-ike-gw)# exit
Create a security parameters profile for the IPsec tunnel. For the profile, select Diffie-Hellman group 2, the
AES 128-bit encryption algorithm and the MD5 authentication algorithm. The following parameters are used to
secure the IPsec tunnel:
esr(config)# security ipsec proposal ipsec_prop1
esr(config-ipsec-proposal)# authentication algorithm md5
esr(config-ipsec-proposal)# encryption algorithm aes128
esr(config-ipsec-proposal)# exit
Create a policy for the IPsec tunnel. For the policy, specify the list of IPsec tunnel profiles that may be used
for node negotiation:
esr(config)# security ipsec policy ipsec_pol1
esr(config-ipsec-policy)# proposal ipsec_prop1
esr(config-ipsec-policy)# exit
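The IKE and IPsec proposals above use MD5 integrity and Diffie-Hellman group 2 (1024-bit MODP), which current IKE guidance (RFC 8247) classifies as weak; before such a configuration goes into production, an operator would normally audit the proposals against a minimum algorithm policy. The following script is an added example and is not part of the ESR manual or Eltex's own tooling: it parses the `security ike proposal` and `security ipsec proposal` blocks from a constructed running-configuration snippet that mirrors the commands on this page and reports parameters below the policy. The indentation of the running-config layout, the threshold values (no MD5/SHA-1 integrity, DH group 14 or higher for IKE, AES-family encryption only) and the `parse_proposals`/`audit` function names are assumptions of this example.

```python
"""Added example (not from the ESR manual): audit ESR-style IKE/IPsec proposal
blocks for cryptographic parameters that current guidance treats as weak.
The thresholds below are this checker's policy (an assumption), not an ESR setting.
"""
import re

# Constructed sample: the two proposal blocks from this page, laid out as they
# might appear in 'show running-config' output (indentation is an assumption).
SAMPLE_CONFIG = """\
security ike proposal ike_prop1
  dh-group 2
  authentication algorithm md5
  encryption algorithm aes128
exit
security ipsec proposal ipsec_prop1
  authentication algorithm md5
  encryption algorithm aes128
exit
"""

PROPOSAL_RE = re.compile(r"^security (ike|ipsec) proposal (\S+)$")

# Checker policy (assumption): reject MD5/SHA-1 integrity, require DH group >= 14
# (2048-bit MODP) for the IKE SA, and accept only AES-family encryption.
WEAK_AUTH = {"md5", "sha1"}
MIN_DH_GROUP = 14
ALLOWED_ENC_PREFIXES = ("aes",)


def parse_proposals(config_text):
    """Return {(kind, name): {field: value}} for every proposal block found."""
    proposals = {}
    current = None
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = PROPOSAL_RE.match(line)
        if m:
            current = (m.group(1), m.group(2))
            proposals[current] = {}
            continue
        if line == "exit":
            current = None
            continue
        if current is None:
            continue  # line belongs to some other configuration block
        if line.startswith("dh-group "):
            proposals[current]["dh_group"] = int(line.split()[1])
        elif line.startswith("authentication algorithm "):
            proposals[current]["auth"] = line.split()[2]
        elif line.startswith("encryption algorithm "):
            proposals[current]["enc"] = line.split()[2]
    return proposals


def check_proposal(kind, name, params):
    """Return a list of findings for one proposal; an empty list means it passes."""
    findings = []
    auth = params.get("auth")
    if auth in WEAK_AUTH:
        findings.append(f"{kind} proposal {name}: integrity algorithm {auth} is weak")
    enc = params.get("enc", "")
    if not enc.startswith(ALLOWED_ENC_PREFIXES):
        findings.append(f"{kind} proposal {name}: encryption algorithm {enc or 'unset'} not allowed")
    dh = params.get("dh_group")
    # The IKE SA must negotiate a group; a configured group is checked for either kind.
    if (kind == "ike" and dh is None) or (dh is not None and dh < MIN_DH_GROUP):
        findings.append(f"{kind} proposal {name}: dh-group {dh} below minimum {MIN_DH_GROUP}")
    return findings


def audit(config_text):
    """Parse the configuration and return all findings across every proposal."""
    findings = []
    for (kind, name), params in parse_proposals(config_text).items():
        findings.extend(check_proposal(kind, name, params))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```

Run against the sample above, the audit reports three findings: the weak MD5 integrity algorithm in both proposals and the IKE Diffie-Hellman group below 14. The same parser can be pointed at a saved `show running-config` capture to review every proposal on a device in one pass.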