Defining an IKE Policy
Firebox Vclass User Guide 309
3 In the Name and Description fields, type a name and
brief description for the IKE policy. The Description is
optional.
4 Select a preconfigured address group from the Peer
Address Group
drop-down list or click New to create
a new address group.
For information on creating an address group, see “Defining an
address group” on page 180.
5 Select a preconfigured IKE Action from the drop-
down list, or click
New to create a new IKE action.
For information on creating an IKE action, see “Defining an IKE
action” on page 310.
6 From the Peer Authentication ID field, select one of
the following options:
Address Group
Select the address group of the remote gateway
from the drop-down list, or click
New to create a
new address group. For information on creating an
address group, see “Defining an address group” on
page 180.
Domain Name
Type the domain name of the remote gateway.
User Domain Name
Type the user domain name of the remote gateway.
X.500 Name
Type the X.500 certificate name used by the remote
gateway.
Any
This allows any traffic from the remote gateway to
initiate the IKE policy. No ID will be verified.
7 If you previously selected an IKE action that
incorporates RSA or DSA as the authentication type,
the Local Certificates options become active and the
RSA or DSA drop-down lists become active. From the
drop-down list, select the appropriate certificate.
To Next Page
Loading...
