Siemens SCALANCE M874-3

To Next Page

To Previous Page

VPN tunnel between SCALANCE M-800 and security CPs

4.3 Secure VPN tunnel with certificates

SCALANCE M-800 Getting Started

Getting Started, 06/2015, C79000-G8976-C337-04

167

Configuration file

Settings in WBM

Remote ID: U5A634732@GC4D8 Security > IPSec VPN > Authentication > Remote ID:

U5A634732@GC4D8

Remote net address: 192.168.184.0 Security > IPSec VPN > Remote End > Remote Subnet:

192.168.184.0/24

Remote subnet mask: 255.255.255.0

Local net address: 192.168.100.0 Security > IPSec VPN > Connections > Local Subnet:

192.168.100.0/24

Local subnet mask: 255.255.255.0

IPsec VPN > Connections > Edit IKE

Security > IPSec VPN > Connections > Keying Protocol: IKEv1

Phase 1 - ISAKMP SA

ISAKMP-SA encryption: 3DES-168

Security > IPSec VPN > Phase 1 > Encryption: 3DES

ISAKMP-SA hash: SHA-1

Security > IPSec VPN > Phase 1 > Authentication: SHA-1

ISAKMP-SA mode: Main mode

ISAKMP-SA lifetime (seconds): 86400

The value is specified in seconds in the text file. In

the WBM, the value must be entered in minutes.

Security > IPSec VPN > Phase 1 > Liftime [min]: 1440

Phase 2 - IPSec SA

IPsec SA encryption: 3DES-168

Security > IPSec VPN > Phase 2 > Encryption: 3DES

IPsec SA hash: SHA-1

Security > IPSec VPN > Phase 2 > Authentication: SHA-1

IPsec SA lifetime (seconds): 86400

The value is specified in seconds in the text file. In

the WBM, the value must be entered in minutes.

Security > IPSec VPN > Phase 1 > Liftime [min]: 1440

Perfect Forward Secrecy (PFS): No

DH/PFS group: DH-2 1024 Security > IPSec VPN > Phase 1 > Key Derivation: DH group 2

Security > IPSec VPN > Phase 2 > Key Derivation: DH group 2

NAT-T: On

DPD delay (seconds): 150

DPD timeout (seconds): 60

Security > IPSec VPN > Phase 1 > DPD-Timeout [sec]: 60

DPD maximum failures: 5

Main Page

Siemens SCALANCE M874-3 - Page 167

Table of Contents

Other manuals for Siemens SCALANCE M874-3

Related product manuals