ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual
9.Specify the VPN policy settings. These settings must match the configuration of the remote VPN client. Recommended settings are:
•SA Lifetime: 3600 seconds
•Authentication Algorithm:
•Encryption Algorithm: 3DES
10.Click Apply.
The new record should appear in the List of Mode Config Records on the Mode Config screen.
Configuring an IKE Policy for Mode Config Operation
Next, you must configure an IKE policy:
1.Select VPN from the main menu and Policies from the submenu. The Policies submenu tabs appear with the IKE Policies screen in view (see Figure
2.Click add to configure a new IKE Policy. The Add IKE Policy screen displays (see Figure 5- 34 on page
3.In the Mode Config Record section, enable Mode Config by checking the Yes radio box and selecting the Mode Config record you just created from the
Mode Config works only in Aggressive Mode, and Aggressive Mode requires that both ends of the tunnel be defined by a FQDN.
4.In the General section:
•Enter a description name in the Policy Name field such as “SalesPerson”. This name will be used as part of the remote identifier in the VPN client configuration.
•Set Direction/Type to Responder.
•The Exchange Mode will automatically be set to Aggressive.
5.In the Local section, select FQDN for the Identity Type.
6.In the Local section, choose which WAN port to use as the VPN tunnel end point.
7.In the Remote section, enter an identifier in the Identity Type field that is not used by any other IKE policies. This identifier will be used as part of the local identifier in the VPN client configuration.
8.In the IKE SA Parameters section, specify the IKE SA settings. These settings must be matched in the configuration of the remote VPN client.
Virtual Private Networking |
