Chapter 7 VPN
IPSec Configuration Parameters and IP Security Association DetailsThe following table describes the configuration parameters for the IPSec security protocol:
Table
Parameter | Description |
|
|
|
|
IPSec Global Setup |
|
|
|
Enable Verbose messages in | Select this option to log more detailed information when the X |
the VPN Log | family device is establishing a VPN connection. |
|
|
Enable IPSec Global VPNs | Check this option to enable IPSec globally on the X family device. |
|
|
Local Domain Name | Enter the Domain Name for the Local ID. If specified, this value can |
| be used to authenticate Phase 1 of the IKE proposal. You only need |
| to specify this parameter if the IKE proposal is configured for |
| aggressive mode. |
|
|
Local Email Address | Enter the Email address to use for the Local ID. If specified, this |
| value can be used to authenticate Phase 1 of the IKE proposal. You |
| only need to specify this parameter if the IKE proposal is |
| configured for aggressive mode. |
|
|
IP Security Association Details: This table displays the IPSec Security Associations (SAs) that have been configured on the X family device.
Name | The name of the IPSec Security Association. |
|
|
Keying Mode | Shows the Keying mode configured for the IPSec Security |
| Association. |
| For additional information on keying modes, see “Configure an |
| IPSec SA for a |
| the Default SA for |
| |
|
|
IPSec Gateway | The IP address of the peer VPN device |
|
|
Local Network | Shows what local traffic may access or be accessed over the VPN |
| based on the SA configuration. |
|
|
Remote Network | Shows what traffic can be sent over the VPN tunnel based on the SA |
| configuration. |
|
|
Functions | Icons representing functions to manage the IPSec Security |
| Associations. The following functions are available: |
| • Delete an SA |
| Note You cannot delete the default SA. |
| • Edit an SA |
|
|
188 X Family LSM User’s Guide V 2.5.1