Devices running Windows 2008 server can use Suite-B cryptographic algorithms and IKEv1 to support authentication using RSA or ECDSA. Strongswan 4.3 devices can use IKEv2 to support authentication using RSA or ECDSA certificates, Suite-B cryptographic algorithms, and pre-shared keys.

Working with Site-to-Site VPNs with Dynamic IP Addresses

ArubaOS supports site-to-site VPNs with two statically addressed Dell controllers, or with one static and one dynamically addressed controller. By default, site-to-site VPN uses IKE Main-mode with Pre-Shared-Keys to authenticate the IKE SA. This method uses the IP address of the peer, and therefore does not work for dynamically addressed peers.

To support site-site VPN with dynamically addressed devices, you must enable IKE Aggressive-Mode with Authentication based on a Pre-Shared-Key. The Dell controller with a dynamic IP address must be configured to be the initiator of IKE Aggressive-mode for Site-Site VPN, while the controller with a static IP address must be configured as the responder of IKE Aggressive-mode.

Understanding VPN Topologies

You must configure VPN settings on the Dell controllers at both the local and remote sites. In the following figure, a VPN tunnel connects Network A to Network B across the Internet.

Figure 78: Site-to-Site VPN Configuration Components

To configure the VPN tunnel on controller A, you need to configure the following:

The source network (Network A)

The destination network (Network B)

The VLAN on which the controller A’s interface to the Layer-3 network is located (Interface A in the Figure 78)

The peer gateway, which is the IP address of controller B’s interface to the Layer-3 network (Interface B in the Figure 78)

NOTE: Configure VPN settings on the Dell controllers at both the local and remote sites.

Configuring Site-to-Site VPNs

Use the following procedures to create a site-to-site VPN via the WebUI or command-line interfaces.

In the WebUI

1.Navigate to the Configuration > Advanced Services > VPN Services > Site-to-Site page.

2.In the IPsec Maps section, click Add to open the Add IPsec Map window.

3.Enter a name for this VPN connection in the Name field.

4.Enter a priority level for the IPsec map. Negotiation requests for security associations try to match the highest- priority map first. If that map does not match, the negotiation request continues down the list to the next- highest priority map until a match is made.

Dell PowerConnect W-Series ArubaOS 6.2 User Guide

Virtual Private Networks 289

Page 289
Image 289
Dell 6.2 manual Working with Site-to-Site VPNs with Dynamic IP Addresses, Understanding VPN Topologies

6.2 specifications

Dell 6.2 is an advanced enterprise solution that caters to the needs of businesses seeking robust performance and efficiency. As a part of Dell's commitment to innovation, the 6.2 series combines cutting-edge technologies and features that enhance productivity and deliver reliable computing experiences.

One of the standout features of the Dell 6.2 is its impressive processing power. Equipped with the latest Intel processors, it offers exceptional speed and multitasking capabilities. This allows businesses to run demanding applications effortlessly, making it ideal for data-intensive tasks such as data analysis, software development, and virtualization. The series also supports substantial RAM configurations, enabling users to manage extensive workloads without experiencing slowdowns.

In terms of storage, the Dell 6.2 line includes advanced SSD options that significantly boost data access speeds compared to traditional hard drives. This rapid access to information is vital for businesses that require quick retrieval of large datasets. Furthermore, the devices support RAID configurations, which enhances data redundancy and security, protecting critical business information from loss.

Connectivity is another critical aspect of the Dell 6.2 series. It includes multiple USB ports, HDMI outputs, and high-speed Ethernet options, ensuring that users can easily connect to various peripherals and networks. The integration of Wi-Fi 6 technology enables faster wireless connections, resulting in improved internet speeds and bandwidth efficiency, which is crucial in today’s increasingly connected workplaces.

Dell has also prioritized security in the 6.2 series. It features enhanced biometric authentication and advanced encryption methods, safeguarding sensitive data from unauthorized access. Additionally, the system's BIOS protection and automatic updates provide an added layer of security, ensuring that the device remains safe from emerging threats.

The design of the Dell 6.2 is not only sleek and modern but also built for durability. Its robust chassis is engineered to withstand the rigors of daily use, making it suitable for various business environments. This durability ensures that the investment in Dell 6.2 will last for years while maintaining performance integrity.

In summary, the Dell 6.2 series embodies a blend of speed, storage efficiency, connectivity, and security, making it a top choice for enterprises looking to enhance their computing capabilities. With its modern features and durable design, Dell 6.2 is positioned as a reliable partner in driving business success.