ICR-1601
122
Configuration Path
[IPSec]-[Configuration]
IPSec
■
Enable
Configuration Path
[IPSec]-[Tunnel Configuration]
Tunnel
■
Enable
Tunnel Name
s2s-101
Interface
WAN 1
Tunnel Scenario
Site to Site
Operation Mode
Always on
Configuration Path
[IPSec]-[Local & Remote Configuration]
Local Subnet
10.0.76.0
Local Netmask
255.255.255.0
Full Tunnel
Disable
Remote Subnet
10.0.75.0
Remote Netmask
255.255.255.0
Remote Gateway
118.18.81.33
Configuration Path
[IPSec]-[Authentication]
Key Management
IKE+X.509 Local Certificate: HQCRT Remote Certificate: BranchCRT
Local ID
User Name Network-A
Remote ID
User Name Network-B
Configuration Path
[IPSec]-[IKE Phase]
Negotiation Mode
Main Mode
X-Auth
None
For Network-B at Branch Office
Following tables list the parameter configuration as an example for the "My Certificate" function used
in the user authentication of IPSec VPN tunnel establishing, as shown in above diagram.
The configuration example must be combined with the ones in following two sections to complete the
whole user scenario.
Use default value for those parameters that are not mentioned in the tables.
Configuration Path
[My Certificate]-[Local Certificate Configuration]
Name
BranchCRT Self-signed:
□
Key
Key Type: RSA Key Length: 1024-bits
Subject Name
Country(C): TW State(ST): Taiwan Location(L): Tainan
Organization(O): AMITBranch Organization Unit(OU): BranchRD
Common Name(CN): BranchCRT E-mail: [email protected]
Configuration Path
[IPSec]-[Configuration]
IPSec
■
Enable