Mettle Knowledge
Search:     Advanced search
Browse by category:

Setting Up IPsec VPN

Views: 2168
Votes: 0
Posted: 18 Jun, 2012
by: Knowledge M.
Updated: 12 Nov, 2012
by: Knowledge M.
VPN Mobile Client Creation

A) Go to Connectivity >> IPsec >> Tunnels

Check the check box that says 'Enable IPsec'
Click Save

B) Go to Connectivity >> IPsec >> Tunnels >> Add Phase One Entry

Phase 1 proposal:
  1. Select Authentication Mode as Mutual PSK
  2. Choose the Negotiation Mode as Aggressive.
  3. Select My identifier as My IP Address.
  4. Select Peer identifier as Peer IP Address
  5. Enter Preshared key
  6. Leave Policy generation as Default.
  7. Leave Proposal checking as Default.
  8. Choose Encryption Algorithm as 3DES.
  9. Choose Hash Algorithm as SHA1.
  10. Select DH Key Group as 2.
  11. Give Lifetime in Seconds. If in doubt give 86400.
  12. Choose Authentication Method as Pre-Shared Key.
Phase 2 proposal:
  1. Choose 'Mode' as 'Tunnel'
  2. Enter Local Network
  3. Enter Remote Network
  4. Choose protocol as ESP
  5. Choose Encryption Algorithms 3DES, Blowfish, CAST128, Rjindael (AES)
  6. Choose Hash Algorithms SHA1 & MD5.
  7. Select PFS Key Group as 2
  8. Enter Lifetime in Seconds. If in doubt enter 3600.
  9. Click on Save and then Apply Changes.

After enabling IPsec  it is necessary to create firewall rule to allow IPsec traffic through the interface. Go to Security >> Firewall >> IPsec to create the rule.
Others in this Category
document Choosing a VPN Technology
document Setting up IPSec Tunnel
document Setting Up an IPSec VPN Client: Example Given Using Shrewsoft VPN Client
document IPsec VPN Troubleshooting