![]() ![]() Now that Phase 1 and Phase 2 of the VPN rule have been completed, uncheck the box to “Use Policy Route to control dynamic IPSec rules”. Under Related Settings, make sure the Zone is set for “IPSec_VPN”.It is unnecessary to enable it, but if you wish to use the added encryption level, the options are None, DH1, DH2 and/or DH5. Perfect Forward Secrecy (PFS) is an added level of encryption.Active Protocol under the Phase 2 Setting should be set to “ESP”. ![]() This will give the VPN user access over all devices connected to LAN1 Scroll down to the Policy option and set the Local Policy to use the “LAN1_SUBNET” address object.For the application scenario, set the VPN Gateway dropdown to use the Phase 1 policy created in the previous step.Set the VPN Gateway application scenario to use “Remote Access (Server Role)”.Check the box to enable the rule and give it a name.On the top left of the window, click the Show Advanced Settings button to view all options in the menu. Now that the VPN Gateway (Phase 1) rule has been created, click on the VPN Connection tab to insert the Phase 2 rule for the VPN tunnel. Note: The caution symbol to the right will appear on areas where input is required or a mistake with the entry, such as illegal/unsupported characters. Select the Diffie-Hellman key group (options are DH1, DH2, DH5).Set the “Encryption” and “Authentication” proposal you wish to use (Encryption options are DES, 3DES, AES128, AES192, AES256) (Authentication options are MD5, SHA1, SHA256, SHA512).Under the Phase 1 Settings, set the Negotiation Mode dropdown to use the “Main” mode.Enter/Create a VPN authentication “Pre-Shared Key”. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |