The administrator can configure Extensible Authentication Protocol (EAP) and mode config settings for IKEv2 gateways.
IKEv2 EAP Authentication: Select this box to enable EAP authentication. EAP allows users to choose a method suitable for existing credentials and provides an easy means of separating the IKEv2 responder (VPN gateway) from the RADIUS server that acts as the EAP authentication endpoint.
Supplicant: Select Supplicant to set the security device to act as the VPN client. Selecting this setting enables only EAP-MD5 supplicant (client) functionality for IKEv2.
User Name: Specify the username.
Password: Specify the password.
Authenticator: Select Authenticator to use EAP to authenticate a client with a RADIUS authentication server. The security device acts as a proxy (authenticator) and passes the EAP messages between the client (supplicant) and the RADIUS (authentication) server.
Auth Server: Specify the name of the authenticator server.
User Name: Specify the username.
Send ID Req: Check this box to send the ID request.
MODECFG Enable: Check this box to enable the mode config settings for the IKEv2 gateway.
Server: Select Server to enable the mode config profile of the IKEv2 gateway in the server mode.
Action
Add Route: Check this box to add the details of the route.
Information Origin
Use Local DNS: Check this box to specify that the server use the local DNS.
Profile: Select the mode config profile from the drop-down list.
Client: Select Client to enable the mode config profile of the IKEv2 gateway in client mode.