Lantronix EMG 8500 EMG User Guide - Page 118
Myvpnconn[1]: Ike Proposal: 3des_cbc/hmac_md5_96/prf_hmac_md5, 3des_cbc/hmac_md5_96/modp_1024
View all Lantronix EMG 8500 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 118 highlights
7: Networking MyVPNConn[1]: IKE proposal: 3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/ MODP_1024 MyVPNConn{1}: INSTALLED, TUNNEL, reqid 1, ESP in UDP SPIs: c6b71deb_i 95f877ec_o MyVPNConn{1}: 3DES_CBC/HMAC_MD5_96/MODP_1024, 131 bytes_i (1 pkt, 93s ago), 72 bytes_o (1 pkt, 94s ago), rekeying in 7 hours MyVPNConn{1}: 172.28.28.188/32 === 10.3.0.0/24 10.81.101.0/24 10.81.102.0/24 10.81.103.0/24 The EMG loads a subset of the available strongSwan plugins. If an option is given in a custom ipsec.config file that requires a plugin that is not loaded by the EMG, this may cause an error during tunnel negotiation. The loaded plugins can be viewed in the VPN Status when the VPN tunnel is enabled. Sample ipsec.conf files are provided in the EMG online help files for a variety of tunnel configurations and peers. The strongSwan Wiki also provides a variety of usable examples and sample configurations, in addition to interoperability recommendations. Depending on the VPN configuration, it may be necessary to enable IP Forwarding or to add static routes; in some cases traffic may not be passed through the tunnel without enabling IP Forwarding or static routes. Refer to the VPN routing table that is displayed with the VPN status. A watchdog program is automatically run when the VPN tunnel is enabled. This program will detect if the VPN tunnel goes down (for reasons other than the user disabling the tunnel). The watchdog program will: Generate a syslog message when the tunnel goes up or down If traps are enabled, send a slcEventVPNTunnel SNMP trap when the tunnel goes up or down If an email address is configured in the VPN configuration, send an email when the tunnel goes up or down If enabled, automatically restart the VPN tunnel When using VPN with Network Fail-over, the Local IP Address should not be configured for the VPN tunnel. This will allow strongSwan to automatically determine the IP address on the local (console manager) side of the tunnel based on the network configuration during both fail-over and fail-back. VPN tunnels over an console manager Ethernet interfaces that is configured with an MTU less than 256 may experience issues (traffic loss, etc). To set up a VPN connection: 1. Click the Network tab and select the VPN option. The following page displays: EMG™ Edge Management Gateway User Guide 118