6. Refer to the
Peer IP Address | Use the Peer IP Address to associate an IP address with the specific tunnel used by a group |
| of peers. |
Aggressive Mode | Displays whether aggressive mode is enabled for this IP address and key string. A green |
| check mark defines aggressive mode as enabled. A red “X” denotes the mode as disabled. |
Key | Displays the string ID a remote peer uses to look up |
7.Highlight an existing set of
8.Select an existing entry and click the Delete button to remove it within the table.
9.If the properties of an existing peer IP address, key and aggressive mode designation are no longer relevant and cannot be edited to be useful, click the Add button to create a new
a. Select the Peer IP Address checkbox to associate an IP address with the specific tunnel used by a group of peers or, select the Distinguished Name checkbox to configure the switch to restrict access to those peers with the same distinguished name, or select the Hostname checkbox to allow
b. Define the Key (string ID) a remote peer uses to look up the
c. Select the Aggressive Mode checkbox if required. Aggressive mode enables you to configure Internet Key Exchange (IKE)
d. Refer to the Status field for the current state of the requests made from applet. This field displays error messages if something goes wrong in the transaction between the applet and the switch.
e. Click OK to use the changes to the running configuration and close the dialog.
f. Click Cancel to close the dialog without committing updates to the running configuration.
6.7.2 Setting IKE Policies
Each IKE negotiation is divided into two phases. Phase 1 creates the first tunnel (protecting later IKE negotiation messages) and phase 2 creates the tunnel protecting the data. To define the terms of the IKE negotiation, create one or more IKE policies, including the following: