|
Navigate to the Services>Ipsec vpn>IPsec level in the configuration hierarchy.
|
- In the J-Web interface, select Configuration>View
and Edit>Edit Configuration.
- Next to Services, click Configure or Edit.
- Next to Ipsec vpn, click Configure.
- Next to Ipsec, click Configure.
|
From the [edit] hierarchy level, enter
edit services ipsec-vpn ipsec
|
|
Configure an IPsec proposal—for example, ipsec-dynamic-proposal—that defines the authentication and encryption algorithms,
the lifetime of the keys, and the protocol.
|
- Next to Proposal, click Add
new entry.
- In the Name box, type ipsec-dynamic-proposal.
|
Enter
set proposal ipsec-dynamic-proposal
|
|
Configure the authentication algorithm—for example, hmac-md5-96.
|
In the Authentication algorithm box, select hmac-md5-96.
|
Enter
set proposal ipsec-dynamic-proposal authentication-algorithm
hmac-md5-96
|
|
Configure an encryption algorithm—for example, 3des-cbc.
|
In the Encryption algorithm box, select 3des-cbc.
|
Enter
set proposal ipsec-dynamic-proposal encryption-algorithm
3des-cbc
|
|
Configure the lifetime (in seconds) of the encryption and authentication
keys—for example, 3600.
|
In the Lifetime seconds box, type 3600.
|
Enter
set proposal ipsec-dynamic-proposal lifetime-seconds 3600
|
|
Configure the protocol to be used for key negotiations—for
example, esp.
|
- In the Protocol box, select esp.
- Click OK until you return
to the main Configuration page.
|
Enter
set proposal ipsec-dynamic-proposal protocol esp
|