To configure the security zone rules, first create an ISAKMP port profile:
esr(config)# object-group service ISAKMP
esr(config-addr-set)# port-range 500,4500
esr(config-addr-set)# exit
Create an IKE protocol profile. In the profile, select Diffie-Hellman group 2, the 3DES encryption algorithm and the SHA1 authentication algorithm. These security parameters are used to protect the IKE connection:
esr(config)# security ike proposal IKEPROP
esr(config-ike-proposal)# dh-group 2
esr(config-ike-proposal)# authentication algorithm sha1
esr(config-ike-proposal)# encryption algorithm 3des
esr(config-ike-proposal)# exit
Create an IKE protocol policy. In the policy, specify the list of IKE protocol profiles that may be used for negotiation with the node, the authentication key, the XAUTH-by-key authentication method and the client authentication mode:
esr(config)# security ike policy IKEPOLICY
esr(config-ike-policy)# pre-shared-key hexadecimal 123FFF
esr(config-ike-policy)# authentication method xauth-psk-key
esr(config-ike-policy)# authentication mode client
esr(config-ike-policy)# proposal IKEPROP
esr(config-ike-policy)# exit
Create an access profile and define a username and password pair in it:
esr(config)# access profile XAUTH
esr(config-access-profile)# user client1
esr(config-profile)# password ascii-text password123
esr(config-profile)# exit
esr(config-access-profile)# exit
Create a loopback interface on which the IP address received from the IPsec VPN server will be terminated:
esr(config)# interface loopback 8
esr(config-loopback)# exit
Create an IKE protocol gateway. In this profile, specify the policy, the termination interface, the local and remote addresses, dynamic learning of the remote subnet, the access profile and user for XAUTH, and policy-based redirection of traffic into the tunnel:
esr(config)# security ike gateway IKEGW
esr(config-ike-gw)# ike-policy IKEPOLICY
esr(config-ike-gw)# assign-interface loopback 8
esr(config-ike-gw)# local address 120.11.5.1
esr(config-ike-gw)# remote address 180.100.0.1
esr(config-ike-gw)# remote network dynamic client
esr(config-ike-gw)# mode policy-based
esr(config-ike-gw)# xauth access-profile xauth client client1
esr(config-ike-gw)# exit
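As an added check, not part of the original guide or of the ESR software, the following Python script parses the configuration built above in its indentation-based form and reports what a reviewer would flag before deploying it: IKE proposal parameters that current guidance considers weak, a short hexadecimal pre-shared key, and references between policy, proposal, gateway and access profile that do not resolve. The weakness thresholds and the case-sensitive name matching are assumptions, not documented ESR behaviour.

```python
# Constructed sample in the ESR CLI syntax used above (prompts and "exit" lines
# dropped, one space of indentation per level); values repeat the page's session.
SAMPLE = """\
security ike proposal IKEPROP
 dh-group 2
 authentication algorithm sha1
 encryption algorithm 3des
security ike policy IKEPOLICY
 pre-shared-key hexadecimal 123FFF
 proposal IKEPROP
access profile XAUTH
security ike gateway IKEGW
 ike-policy IKEPOLICY
 xauth access-profile XAUTH client client1
"""

# Parameter values that no longer meet current IKE guidance (assumed thresholds).
WEAK = {"dh-group": {"1", "2", "5"}, "encryption algorithm": {"des", "3des"},
        "authentication algorithm": {"md5", "sha1"}}
MIN_PSK_HEX = 32  # hex digits, i.e. a 128-bit pre-shared key
# (block kind, first word of line) -> (kind of object referenced, index of its name)
REFS = {("policy", "proposal"): ("proposal", 1), ("gateway", "ike-policy"): ("policy", 1),
        ("gateway", "xauth"): ("profile", 2)}

def parse(text):
    """Key each unindented header by its last two words (kind, name); collect child lines."""
    blocks, key = {}, None
    for raw in filter(str.strip, text.splitlines()):
        if not raw.startswith(" "):
            key = tuple(raw.split()[-2:])
            blocks[key] = []
        elif key is not None:
            blocks[key].append(raw.split())
    return blocks

def lint(text):
    """Report weak IKE parameters, a short hex PSK and references to undefined objects."""
    blocks, out = parse(text), []
    for (kind, name), lines in blocks.items():
        for w in lines:
            key, val = " ".join(w[:-1]), w[-1]  # e.g. "encryption algorithm", "3des"
            if kind == "proposal" and val in WEAK.get(key, ()):
                out.append(f"{name}: {key} {val} is deprecated")
            elif kind == "policy" and key == "pre-shared-key hexadecimal" and len(val) < MIN_PSK_HEX:
                out.append(f"{name}: pre-shared key is only {4 * len(val)} bits")
            elif (kind, w[0]) in REFS:
                what, i = REFS[kind, w[0]]
                if (what, w[i]) not in blocks:
                    out.append(f"{name}: references undefined {what} {w[i]}")
    return out
```

Run against the sample, `lint(SAMPLE)` reports the three IKEPROP parameters and the 24-bit key; a gateway line that names a policy or access profile not created earlier, or spells it with different case, is reported as an unresolved reference.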