|
Navigate to the Services>Ipsec vpn>IPsec level
in the configuration hierarchy.
|
- In the J-Web interface, select Configuration>View
and Edit>Edit Configuration.
- Next to Services, click Configure or Edit.
- Next to Ipsec vpn, click Configure.
- Next to Ipsec, click Configure.
|
From the [edit] hierarchy level, enter
edit services ipsec-vpn ipsec
|
|
Configure an IPSec proposal—for example, ipsec-dynamic-proposal—that
defines the authentication and encryption algorithms, the lifetime of the
keys, and the protocol.
|
- Next to Proposal, click Add new entry.
- In the Name box, type ipsec-dynamic-proposal.
|
Enter
set proposal ipsec-dynamic-proposal
|
|
Configure the authentication algorithm—for example, hmac-md5-96.
|
In the Authentication algorithm box, select hmac-md5-96.
|
Enter
set proposal ipsec-dynamic-proposal authentication-algorithm hmac-md5-96
|
|
Configure an encryption algorithm—for example, 3des-cbc.
|
In the Encryption algorithm box, select 3des-cbc.
|
Enter
set proposal ipsec-dynamic-proposal encryption-algorithm 3des-cbc
|
|
Configure the lifetime (in seconds) of the encryption and authentication
keys—for example, 3600.
|
In the Lifetime seconds box, type 3600.
|
Enter
set proposal ipsec-dynamic-proposal lifetime-seconds 3600
|
|
Configure the protocol to be used for key negotiations—for example, esp.
|
- In the Protocol box, select esp.
- Click OK until you return to the main
Configuration page.
|
Enter
set proposal ipsec-dynamic-proposal protocol esp
|