IPSec Configuration

The following figure shows the IPSec Status page:

Figure 7–1: IPSec Status Page

From this page, you can complete the following tasks:

If IPSec is enabled, view current status of the IPSec SA Phase 1 and Phase 2 negotiation process.

View a summary of IPSec SA that have been used to negotiate tunnels on the device.

Renegotiate IKE Phase 1 or Phase 2 of the IPSec VPN connection.

Access the IPSec Configuration page to enable IPSec and view and manage the IPSec Security Associations required to establish a VPN connection.

For additional information, see the following topics:

“IPSec Status Details” on page 185

“IPSec Configuration” on page 187

IPSec Status Details

If IPSec is enabled, the IPSec Status table provides information about the IPSec Security Associations currently configured on the X family device:

Table 7–1: IPSec Status Details

Column

Description

 

 

 

 

Name

The name of the security association that is configured for this connection.

 

The Default SA is a pre-installed SA used if no other SA matches the VPN

 

connection

 

 

Peer IP Address

The public IP address of the remote VPN X family or network device

 

 

Local ID

The Local ID information used to negotiate IKE Phase 1.

 

 

Peer ID

The Peer ID information used to negotiate IKE Phase 1.

 

 

Proposal

The IKE proposal used to negotiate the VPN connection.

 

 

X Family LSM User’s Guide V 2.5.1

185