|
Navigate to the Services>Ipsec vpn>Ike level in
the configuration hierarchy.
|
- In the J-Web interface, select Configuration>View
and Edit>Edit Configuration.
- Next to Services, click Configure or Edit.
- Next to Ipsec vpn, click Configure or Edit.
- Next to Ike, click Configure.
|
From the [edit] hierarchy level, enter
edit services ipsec-vpn ike
|
|
Configure an IKE proposal—for example, ike-dynamic-proposal—that
defines the authentication method, authentication and encryption algorithms,
and the lifetime of the keys.
|
- Next to Proposal, click Add new entry.
- In the Name box, type ike-dynamic-proposal.
|
Enter
set proposal ike-dynamic-proposal
|
|
Configure the authentication algorithm—for example, sha1.
|
In the Authentication algorithm box, select sha1.
|
Enter
set proposal ike-dynamic-proposal authentication-algorithm sha1
|
|
Configure the authentication method—for example, pre-shared-keys.
|
In the Authentication method box, select pre-shared-keys.
|
Enter
set proposal ike-dynamic-proposal authentication-method pre-shared-keys
|
|
Configure the Diffie-Helman group to be used for key negotiations—for
example, group1.
|
In the Dh group box, select group1.
|
Enter
set proposal ike-dynamic-proposal dh-group group1
|
|
Configure an encryption algorithm—for example, 3des-cbc.
|
In the Encryption algorithm box, select 3des-cbc.
|
Enter
set proposal ike-dynamic-proposal encryption-algorithm 3des-cbc
|
|
Configure the lifetime (in seconds) of the encryption and authentication
keys—for example, 3600.
|
- In the Lifetime seconds box, type 3600.
- Click OK until you return to the Configuration
page.
|
Enter
set proposal ike-dynamic-proposal lifetime-seconds 3600
|