7: Networking
EMG™ Edge Management Gateway User Guide
127
To see the X.509 Certificates for the local peer and the remote peer, select the
View X.509
Certificates
link.
Sample ipsec.conf Files
Sample ipsec.conf files are provided for a variety of tunnel setups and peers. In all examples, any
left options are for the console manager/local side of the tunnel, and any right options are for the
remote side of the tunnel.
Cisco Pre-Shared Key / XAUTH / MODECFG / IKEv1
Cisco ASA5525x Pre-Shared Key / IKEv1
Cisco ASA5525x Pre-Shared Key / IKEv2
Cisco ISR 2921 Pre-Shared Key / XAUTH / IKEv2
Cisco Pre-Shared Key / XAUTH / MODECFG / IKEv1
This configuration is an example of a remote access connection to a Cisco VPN server / responder
that uses
to authenticate and push dynamic IP addresses and DNS
servers to a VPN client. The use of aggressive mode requires that
ike
and
esp
algorithms be
specified and exactly match what the Cisco server is expecting.
Console manager configuration
The pre-shared key and the XAUTH password need to be configured via the console manager UI.
conn Cisco
keyexchange=ikev1
ike=3des-md5-modp1024!
esp=3des-md5-modp1024!
aggressive=yes
lifetime=28800s
forceencaps=no
authby=xauthpsk
left=10.0.1.55
leftsourceip=%config4
leftid=@vpnid
xauth=client
xauth_identity=username
modeconfig=pull
right=220.41.123.45
rightsubnet=0.0.0.0/0
dpddelay=30
dpdtimeout=120
dpdaction=hold
auto=start
type=tunnel
Summary of Contents for EMG Series
Page 100: ...7 Networking EMG Edge Management Gateway User Guide 100 Figure 7 5 Network Wireless Settings...
Page 353: ...15 Maintenance EMG Edge Management Gateway User Guide 353 Figure 15 12 About EMG...
Page 474: ...EMG Edge Management Gateway User Guide 474 Figure E 3 EU Declaration of Conformity...
Page 475: ...EMG Edge Management Gateway User Guide 475 Figure E 4 EU Declaration of Conformity continued...