What security protocol is supported by XG 210? AH or ESP --- or both? How do I see know which one is being used?
The reason I ask it is because under "VPN"-->"IPsec Profiles" I dont see the option. My guess that ESP is the default protocol?......
Am trying to establish a VPN tunnel with a third-party and their VPN settings are as shown on below table BUT so far I have been unable to make it work....and want to eliminate the possibility of an "ESP" issue....also, how can I disable the "PFS"? I read on a different post that all I need to is to select "none" on Phase 2 on the "PFS Group (DH Group)" which I did however when I go to the main page of "IPsec Profiles" I still see it as "Enable".....
Any help is greatly appreciated.
|
IP Address of FIS VPN Gateway |
XX.XX.XX.XX |
|
|
IP Address of remote VPN Gateway |
|
|
|
Transform Set |
ESP-AES256-SHA |
|
|
Encryption |
AES256/SHA |
|
|
Perfect Forward Secrecy |
Off |
|
|
Diffie_Helman |
Group 2 |
|
|
SA Lifetime |
86400 |
|
|
FIS Encryption Domain. |
|
Router config:
crypto map mv_cust_vpn 925 ipsec-isakmp
set peer X.X.X.X
set security-association lifetime seconds 86400
set transform-set tx-set-1
match address crypto_domain_ident_925
crypto ipsec transform-set tx-set-1 esp-aes 256 esp-sha-hmac
mode tunnel
ip access-list extended crypto_domain_ident_925
permit ip X.X.X.X 0.0.0.15 host X.X.X.X
crypto isakmp key XXXXXX address X.X.X.X no-xauth
ISAKMP policies:
crypto isakmp policy 22
encr aes
authentication pre-share
group 2
!
This thread was automatically locked due to age.
