EasyManuals Logo

Tiesse Imola LX 5200 User Manual

Default Icon
376 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #248 background imageLoading...
Page #248 background image
Tunnel IPSEC
USER GUIDE
248
set route host 3.3.3.3 gw 192.168.203.253
set ipsec debug
set ipsec phase1 PHASEI remote-end 192.168.203.253
set ipsec phase1 PHASEI local-end eth1
set ipsec phase1 PHASEI encryption-algorithm aes
set ipsec phase1 PHASEI hash-algorithm sha1
set ipsec phase1 PHASEI dh-group 5
set ipsec phase1 PHASEI authentication-method pre-shared-key
set ipsec phase1 PHASEI exchange-mode main
set ipsec phase2 PHASEII match-phase1 CISCO
set ipsec phase2 PHASEII encryption-algorithm aes
set ipsec phase2 PHASEII authentication-algorithm hmac-sha1
set ipsec phase2 PHASEII mode tunnel
set ipsec phase2 PHASEII security esp
set ipsec phase2 PHASEII level require
set ipsec phase2 PHASEII local-subnet 1.1.1.1/32
set ipsec phase2 PHASEII remote-subnet 3.3.3.3/32
set ipsec pre-shared-key 192.168.203.253 tiesseadm
set ipsec on
If both the Phase I and Phase II of a VPN IPSec are ended with agreement, the following message will
show:
root@IMOLA> set ipsec on
Starting ipsec daemon.. done
root@IMOLA> VPN connexion established
To see all messages of activation from the logs, it's necessary to launch their visualization
immediately after giving the start command:
root@IMOLA> set ipsec on
root@IMOLA> show log
Sep 2 18:48:49 IMOLA racoon: INFO: accept a request to establish IKE-SA:
192.168.203.253
Sep 2 18:48:49 IMOLA racoon: INFO: initiate new phase 1 negotiation:
192.168.203.252[500]<=>192.168.203.253[500]
Sep 2 18:48:49 IMOLA racoon: INFO: begin Identity Protection mode.
Sep 2 18:48:51 IMOLA racoon: INFO: received Vendor ID: CISCO-UNITY
Sep 2 18:48:51 IMOLA racoon: INFO: received Vendor ID: DPD
Sep 2 18:48:51 IMOLA racoon: INFO: received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt
Sep 2 18:48:52 IMOLA racoon: INFO: ISAKMP-SA established 192.168.203.252[500]-
192.168.203.253[500] spi:ca0f3fc7868ea695:4823dd8cbda34dbc
These logs are a sequence of messages that represent an IPSec VPN that is starting successfully.
The simplest way to check if the VPN has been created successfully, is to try if the crypto ACL's are
working, like we show in the following example (using a ping trial, specifying a suitable source
address):

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Tiesse Imola LX 5200 and is the answer not in the manual?

Tiesse Imola LX 5200 Specifications

General IconGeneral
BrandTiesse
ModelImola LX 5200
CategoryNetwork Router
LanguageEnglish

Related product manuals