5 - 290 WiNG 5.5 Access Point System Reference Guide
3. Select a target device from the device browser in the lower, left-hand, side of the UI.
4. Select Security to expand its sub menu options.
5. Select Auto IPSec Tunnel to configure its parameters.
Figure 5-183 Device Overrides - Security – Auto IPSec Tunnel screen
6. Refer to the following table to override the Auto IPSec tunnel settings:
7. Select OK to save the updates made to the Auto IPSec Tunnel screen. Selecting Reset reverts the screen to its last saved
configuration.
5.4.5.5.5 Overriding General Security Settings
Overriding a Security Configuration
A profile can leverage existing firewall, wireless client role and WIPS policies and configurations and apply them to the
configuration. This affords a profile a truly unique combination of data protection policies. However, as deployment
requirements arise, an individual access point may need some or all of its general security configuration overridden from that
applied in the profile.
To define a profile’s security settings and overrides:
1. Select Devices from the Configuration tab.
Group ID Configure the ID string used for IKE authentication. String length can be between 1-64
characters
Authentication Type Set the IPSec Authentication Type. Options include PSK (Pre Shared Key) or rsa.
Authentication Key Set the common key for authentication between the remote tunnel peer. Key length is
between 8-21 characters
IKE Version Configure the IKE version to use. The available options are ikev1-main, ikev1-aggr and
ikev2.
Enable NAT after IPSec Select this option to enable NAT after IPSec. Enable this if there are NATted networks
behind VPN tunnels.
Use Unique ID In scenarios where different access points behind different NAT boxes/routers have the
same IP address, it is not possible to create a tunnel between the wireless controller
and access point, as the wireless controller fails to identify the access point uniquely.
When selected, each access point behind a same NAT box/router will have an unique
ID which is used to create the VPN tunnel.
To Next Page
Loading...
