Lantronix EMG 8500 EMG User Guide - Page 128
Sample ipsec.conf Files, View console, manager and Remote Peer RSA Public Key, View X.509
View all Lantronix EMG 8500 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 128 highlights
7: Networking To see the RSA public key for the EMG (required for configuring the remote host if RSA Public Keys are being used), and the RSA public key for the remote peer, select the View console manager and Remote Peer RSA Public Key link. To see the X.509 Certificates for the local peer and the remote peer, select the View X.509 Certificates link. Sample ipsec.conf Files Sample ipsec.conf files are provided for a variety of tunnel setups and peers. In all examples, any left options are for the console manager/local side of the tunnel, and any right options are for the remote side of the tunnel. Cisco Pre-Shared Key / XAUTH / MODECFG / IKEv1 Cisco ASA5525x Pre-Shared Key / IKEv1 Cisco ASA5525x Pre-Shared Key / IKEv2 Cisco ISR 2921 Pre-Shared Key / XAUTH / IKEv2 Cisco Pre-Shared Key / XAUTH / MODECFG / IKEv1 This configuration is an example of a remote access connection to a Cisco VPN server / responder that uses XAUTH and MODECFG to authenticate and push dynamic IP addresses and DNS servers to a VPN client. The use of aggressive mode requires that ike and esp algorithms be specified and exactly match what the Cisco server is expecting. Console manager configuration The pre-shared key and the XAUTH password need to be configured via the console manager UI. conn Cisco keyexchange=ikev1 ike=3des-md5-modp1024! esp=3des-md5-modp1024! aggressive=yes lifetime=28800s forceencaps=no authby=xauthpsk left=10.0.1.55 leftsourceip=%config4 leftid=@vpnid xauth=client xauth_identity=username modeconfig=pull right=220.41.123.45 rightsubnet=0.0.0.0/0 dpddelay=30 dpdtimeout=120 dpdaction=hold auto=start type=tunnel EMG™ Edge Management Gateway User Guide 128