Mettle Knowledge

Setting up IPSec Tunnel

Posted: 18 Jun, 2012
by: Knowledge M.
Updated: 12 Nov, 2012
by: Knowledge M.

VPN Tunnel Creation

Go to Connectivity >> IPsec >> Tunnels

  1. Under 'Tunnels', check the 'Enable IPsec' check box and click 'Save'.
  2. To create a new IPsec tunnel, click the 'Add New' button.
  3. Select the WAN interface.
  4. At 'Local Subnet', enter the local network IP address. This is the network that VPN hosts will be given access to.
  5. At 'Remote Subnet', enter the IP address of the remote network that will be connecting to the VPN.
  6. At 'Remote Gateway', enter the public IP address of the remote gateway.
  7. Enter a name or description for the tunnel.

Phase 1 (Authentication) is configured next. The options selected here, and any later changes to them, must be mirrored on the remote VPN device.

  1. Select the negotiation mode: Main for more security.
  2. Choose and set an identifier.
  3. Choose an encryption mode: DES for low security, 3DES for higher security.
  4. Choose a hash algorithm.
  5. Choose a DH key group.
  6. Enter the key lifetime in seconds. A lower number gives more security and less performance; a higher number gives more performance and less security.
  7. Choose an authentication method: RSA signature for higher security, Pre Shared Key for ease of use.
  8. If RSA signature is selected, RSA certificates and keys should be generated and pasted into their respective fields. Remote hosts should have matching RSA certificates.
  9. If Pre Shared Key is the preferred method, enter a key in the 'Pre Shared Key' field. Remote VPN hosts should use the same key.

The Phase 2 (SA/Key exchange) settings are configured next.

  1. Choose ESP as the protocol.
  2. Choose the encryption algorithm(s).
  3. Choose the hash algorithm(s).
  4. Choose the PFS key group.
  5. Enter the lifetime in seconds.
  6. Optionally, enter the IP address of a remote host to ping so as to keep the connection alive.
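
Since the addressing and the Phase 1 and Phase 2 options have to line up on both devices, the two ends can be compared before the tunnel is enabled. The following is an added example, not part of the original article or the product: the field names are hypothetical labels for the GUI options above, and the sample values are constructed.

```python
import ipaddress

# Settings that must be identical on both devices. Field names are hypothetical
# labels for the GUI options on this page, not an export format of the product.
MUST_MATCH = ("mode", "p1_encryption", "p1_hash", "dh_group", "auth_method",
              "psk", "p2_protocol", "p2_encryption", "p2_hash", "pfs_group")

def check_tunnel_pair(a, b):
    """Return a list of problems found between the two ends of one tunnel."""
    problems = []
    for near, far, n, f in ((a, b, "A", "B"), (b, a, "B", "A")):
        # Subnets are mirrored: one side's Local Subnet is the other's Remote Subnet.
        local = ipaddress.ip_network(near["local_subnet"], strict=False)
        remote = ipaddress.ip_network(far["remote_subnet"], strict=False)
        if local != remote:
            problems.append(f"{n} local subnet {local} != {f} remote subnet {remote}")
        # Remote Gateway on one side is the public WAN address of the other.
        if ipaddress.ip_address(far["remote_gateway"]) != ipaddress.ip_address(near["wan_ip"]):
            problems.append(f"{f} remote gateway is not {n}'s WAN address")
    # Overlapping local networks make routing through the tunnel ambiguous.
    net_a = ipaddress.ip_network(a["local_subnet"], strict=False)
    net_b = ipaddress.ip_network(b["local_subnet"], strict=False)
    if net_a.overlaps(net_b):
        problems.append("local subnets overlap")
    for key in MUST_MATCH:
        if a.get(key) != b.get(key):
            # Never echo the key material itself into a report.
            detail = "" if key == "psk" else f": {a.get(key)} vs {b.get(key)}"
            problems.append(f"{key} differs{detail}")
    return problems

# Constructed sample values (documentation address ranges), not from a real device.
SITE_A = {"wan_ip": "203.0.113.10", "local_subnet": "192.168.1.0/24",
          "remote_subnet": "10.0.0.0/24", "remote_gateway": "198.51.100.20",
          "mode": "main", "p1_encryption": "3des", "p1_hash": "sha1",
          "dh_group": 2, "auth_method": "psk", "psk": "constructed-example-key",
          "p2_protocol": "esp", "p2_encryption": "3des", "p2_hash": "sha1",
          "pfs_group": 2}
# Site B mirrors A's addressing but was left on DES with a different DH group.
SITE_B = dict(SITE_A, wan_ip="198.51.100.20", local_subnet="10.0.0.0/24",
              remote_subnet="192.168.1.0/24", remote_gateway="203.0.113.10",
              p1_encryption="des", dh_group=1)

if __name__ == "__main__":
    for problem in check_tunnel_pair(SITE_A, SITE_B):
        print(problem)
```

An empty list means the two ends agree on every compared setting; the pre-shared key is compared but never written to the report.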