[Prev][Report an Error]

Configuring the Manual Tunnel using J-Web

Use the following procedure to configuring auto tunnel.

To access Manual Tunnel using J-Web:

In the J-Web user interface, select Configure>Manual Tunnel. The details of the display page are as shown in Table 153.
Click one of the following:
- Add—Adds a manual tunnel. Enter information as specified in Table 154.
- Edit— Modifies the selected manual tunnel.
- Delete— Deletes a selected manual tunnel.

Table 153: Display Page for Manual Tunnel

Field	Function
Name	Name of the manual tunnel.
Gateway	Gateway selected.
Bind Interface	The tunnel interface to which the route-based virtual private network (VPN) is bound.
Df Bit	Don't Fragment (DF) bit in the outer header.

Table 154: VPN Manual Configuration Add Options

Field	Function	Action
IPsec Manual
VPN Name	Name of the VPN Name for the IPsec tunnel..	Enter the VPN Name.
Remote Gateway	Name of the remote gateway.	Enter the gateway.
	Types of protocols available for configuration. AH stands for authentication and ESP stands for Encryption algorithm ESP AH	Select a protocol for the proposal.
SIP	Security Parameter Index values ranging from (256..16639).	Select a policy.
Blind to tunnel interface	The tunnel interface to which the route-based virtual private network (VPN) is bound.	Select an interface.
Do not fragment bit	Specifies how the device handles the Don't Fragment (DF) bit in the outer header. clear—Clear (disable) the DF bit from the outer header. This is the default. copy—Copy the DF bit to the outer header. Set—Sets the DF bot to the outer header.	Choose an option.
Enable VPN Monitor
Destination IP	IP address of the destination peer.	Enter an IP address.
Optimized	Specifies that the device uses traffic patterns as evidence of peer liveliness. If enabled, ICMP requests are suppressed. This feature is disabled by default.	Click the check box.
Source Interface	The source interface for ICMP requests (VPN monitoring “hellos”). If no source interface is specified, the device automatically uses the local tunnel endpoint interface.	Specify a source interface.
Key Values
Authentication
Algorithm	Hash algorithm that authenticates packet data. It can be one of the following: hmac-md5-96—Produces a 128-bit digest. hmac-sha1-96—Produces a 160-bit digest.	Select a hash algorithm.
ASCII Text	Pre-shared value of key	Enable the ASCII Text option and enter the key in the appropriate format.
Hexadecimal	Pre-shared value of key	Enable the hexadecimal option and enter the key in the appropriate format.
Encryption	Supported Internet Key Exchange (IKE) proposals include the following: 3des-cbc—3DES-CBC encryption algorithm. aes-128-cbc—AES-CBC 128-bit encryption algorithm. aes-192-cbc—AES-CBC 192-bit encryption algorithm. aes-256-cbc—AES-CBC 256-bit encryption algorithm. des-cbc—DES-CBC encryption algorithm	Select an encryption algorithm.
ASCII Text	Preshared value of key	Enable the ASCII Text option and enter the key in the appropriate format.
Hexadecimal	Pre shared	Enable the hexadecimal option and enter the key in the appropriate format.

[Prev][Report an Error]