Compatible Systems 2+ manual Configure tunnel partner vpn

Page 55

Chapter 6 - Basic Configuration Guide

49

 

 

If Manual is specified, this Tunnel Partner will not use IKE, and the tunnel’s encryption and authentication parameters must be manually set in the Manual Key Management dialog box, which is not described here.

ϖNote: For more information regarding non-IKE encryption and authentication, refer to the Text-Based Configuration and Command Line Management Reference Guide.

If Initiate is specified, this Tunnel Partner will use IKE, but will only initiate tunnel establishment attempts and will not respond to them.

If Respond is specified, this Tunnel Partner will use IKE, but will only respond to tunnel establishment attempts and will not initiate them.

Transform-Sets the authentication and encryption algorithms to be used for tunnel sessions. ESP(MD5,DES) is the default setting and is recommended for most settings.

SharedKey-Sets a shared alphanumeric secret which is used to generate session keys for authenticating and/or encrypting each packet sent or received through the tunnel.

Dual Ethernet Setup Example

configure tunnel partner vpn 0

*[ Tunnel Partner VPN 0 ]# partner=10.10.5.3 *[ Tunnel Partner VPN 0 ]# bindto=ether 1 *[ Tunnel Partner VPN 0 ]# keymanage=auto

*[ Tunnel Partner VPN 0 ]# transform=esp(md5,des) *[ Tunnel Partner VPN 0 ]# sharedkey=babaganoush

Single Ethernet Setup Example

configure tunnel partner vpn 0

*[ Tunnel Partner VPN 0 ]# partner=10.10.5.3 *[ Tunnel Partner VPN 0 ]# bindto=ether 0 *[ Tunnel Partner VPN 0 ]# keymanage=auto

*[ Tunnel Partner VPN 0 ]# transform=esp(md5,des) *[ Tunnel Partner VPN 0 ]# sharedkey=babaganoush

3. Save the Configuration and download it to the device.

Use the save command to save the configuration and download it to the device. When asked if you are sure that you want to download the configuration and restart the device, reply yes. After the IntraPort has rebooted, LAN-to-LAN tunnels can be established.

ϖNote: Do not turn the IntraPort 2/2+ off during the boot process or it will lose its operating software.

Page 54 Page 56
Image 55
Page 54 Page 56
Contents Page Page Getting Started Network InstallationGetting Help with the IntraPort 2/2+ VPN Access Server IntroductionAppendix a Shipping Defaults Basic Configuration GuideParameters Pin Outs for DB-25 Male to DB-25 Female RS-232 Data InformationSystems Appendix F Terms and ConditionsPage Introduction About the IntraPort 2/2+ VPN Access ServerIntraPort 2/2+ VPN Access Server Installa- tion Overview IntroductionBasic Configuration Guide Network InstallationCompatiView Software Installation Command Line PreparationAppendices Introduction Alternate Protocols and Security ParametersPage Few Notes Warranty and ServiceGetting Help with the IntraPort 2/2+ VPN Access Server Getting StartedNeeded for Installation Supplied with the IntraPort 2/2+ VPN Access ServerWhat You Will Need To Get Started VPN Client Software Requirements Ethernet Connection RequirementsPage Connecting the Server to the Ethernet Network InstallationPlacing the Server Powering Up the Server Connecting a Management ConsoleSystem Requirements CompatiView for WindowsTransport Protocols and CompatiView Installation and OperationCompatiView Software Installation Page Out-of-Band Command Line Management Command Line ManagementSetting Up Telnet Operation Temporarily Reconfiguring a Host for Command Line ManagementIP Ethernet 0 section Page Setup Options Basic Configuration GuideDiagram of Dual-Ethernet Setup Diagram of Dual-Ethernet SetupDiagram of Single Ethernet Setup Diagram of Single-Ethernet SetupVPN Client Tunnel Settings Configuration Using CompatiViewTurn off AppleTalk and IPX optional Dual Ethernet Single Ethernet TCP/IP Routing Ethernet Single Ethernet Turn IP off on Ethernet Dual Ethernet Set basic IP parameters for EthernetIP Connection Ethernet IP Static Routes Basic Configuration Guide Set an IP Gateway for EthernetDual Ethernet Static Route Single Ethernet Static Route Basic Configuration Guide IPSec Gateway Basic Configuration Guide Set an IPSec GatewayIKE Policy Set an IKE PolicyVPN Group Configuration General Tab Basic Configuration Guide Set up VPN Group ConfigurationsVPN Group Configuration IKE Configuration Tab IKE Configuration Transform List Basic Configuration Guide Basic Configuration Guide VPN Group Configuration IPX Connection Tab VPN User Configuration Basic Configuration Guide Set up VPN UsersVPN User Save the configuration to a file and download to the device Tunnel Partner VPN # Set up the Tunnel PartnerAdd a VPN Port Add VPN PortIKE Key Management Set up Key ManagementIKE Configuration Transform List Save the configuration to a file and download to the device Example Basic Configuration Using Command LineSingle Ethernet Setup Example Edit IP Static Append Configure general Basic Configuration Guide Set up VPN Group Configurations Configure vpn group basic vpn config Save the Configuration and download it to the device Use the configure command to add a VPN Port Configure tunnel partner vpn Required for IPX IPX ProtocolSuggested for IPX Required for AppleTalk Setting up Radius AuthenticationSetting the IntraPort for a Radius Server AppleTalk ProtocolRadius Server User Authentication Settings Setting up SecurID Authentication ACE/Server Settings Setting the IntraPort for an ACE/ServerSaving a Configuration File to Flash ROM Page Ethernet Interfaces Appendix a Shipping DefaultsAppendix B Connector and Cable Pin Outs Appendix B Connector and Cable Pin OutsAppendix C Security Dynamics ACE/Server Information Page IntraPort 2/2+ VPN Access Servers LED Patterns IntraPort 2 Connections/Users LEDs Appendix D LED Patterns and Test Switch SettingsIntraPort 2+ Connections/Users LEDs IntraPort 2 Special Indicators IntraPort 2/2+ VPN Access Server Switch SettingsIntraPort 2+ Special Indicators Page Compatible Systems WWW Server Appendix E Downloading Software From Compatible SystemsPage Appendix F Terms and Conditions Appendix F Terms ConditionsPage Appendix F Terms and Conditions
Top Page Image Contents