SmartWare Software Configuration Guide

32 • VPN configuration

 

 

permit 4 ip any 10.0.0.0 0.255.255.255 ipsec-policy VPN permit 5 ip any any

profile ipsec-transform IPSEC_3DES_192 esp-encryption 3des-cbc 192

profile isakmp-transform ISAKMP_3DES_192 encryption 3des-cbc 192 authentication-algorithm sha1

profile ipsec-policy-isakmp VPN

authentication-method pre-shared-key sdfkl@hgdslkfs/iuçkfld$gus+ghf mode tunnel

peer 1.2.3.4 diffie-hellman-group group2

use profile ipsec-transform 1 IPSEC_3DES_192

use profile isakmp-transform 1 ISAKMP_3DES_192

context ip interface WAN

use profile acl WAN_Out out

Troubleshooting

To analyze configuration or networking problems related to IKE, the IKE module contains the following debug monitors which log important information about the exchanged ISAKMP messages:

debug ike event

This monitor prints every ISAKMP message sent or received as well as the current state of the ISAKMP main and quick modes.

debug ike error

This monitor prints information about errors detected during the ISAKMP exchange.

Key management (IKE)

374

Page 374
Image 374
Patton electronic SmartNode 4110 Series manual Use profile acl WANOut out, Debug ike event, Debug ike error