EasyManuals Logo

ELTEX ESR Series User Manual

ELTEX ESR Series
575 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #201 background imageLoading...
Page #201 background image
ESR-Series. User manual
201
1.
9.4.6 Remote Access IPsec VPN configuration example
Objective:
Configure Remote Access IPsec VPN between R1 and R2 using the second IPsec authentication factor,
XAUTH. Configure router R1 as the IPsec VPN server, and router R2 as the IPsec VPN client.
R2 IP address: 120.11.5.1;
R1 IP address: 180.100.0.1;
For IPsec VPN clients:
issue addresses from the subnet pool 192.0.2.0/24
provide access to the LAN subnet 10.0.0.0/16
IKE:
Diffie-Hellman group: 2;
encryption algorithm: 3DES;
authentication algorithm: SHA1.
IPSEC:
encryption algorithm: 3DES;
authentication algorithm: SHA1.
XAUTH:
login: client1;
password: password123.
Solution:
R1 configuration
Configure external network interface and identify its inherence to a security zone:
esr# configure
esr(config)# security zone untrusted
esr(config-zone)# exit
esr(config)# interface gigabitethernet 1/0/1
esr(config-if-gi)# security-zone untrusted
esr(config-if-gi)# ip address 180.100.0.1/24
esr(config-if-gi)# exit
To configure security zones rules, you should create ISAKMP port profile:
esr(config)# object-group service ISAKMP
esr(config-object-group-service)# port-range 500,4500
esr(config-object-group-service)# exit

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the ELTEX ESR Series and is the answer not in the manual?

ELTEX ESR Series Specifications

General IconGeneral
ModelESR Series
CategoryNetwork Router
ManufacturerELTEX
ManagementWeb interface, CLI, SNMP
Operating Temperature0°C to 40°C
DimensionsVaries by model
WeightVaries by model
Routing ProtocolsOSPF, BGP
WAN InterfacesEthernet, SFP
LAN InterfacesEthernet, SFP
VPN SupportIPsec, L2TP, PPTP
FirewallStateful packet inspection, ACLs
Power over Ethernet (PoE)Available on some models
QoSTraffic prioritization

Related product manuals