-
Go to VPN -> IPSec -> Phase-2 Profiles -> <Multi-Proposal> ->
.
Changing the Phase-2 profile |
Go to the following menu to change the profile for phase-2:
Go to
VPN -> IPSec -> Phase-2 Profiles
-> <Multi-Proposal>
->
.
VPN -> IPSec -> Phase-2
Profiles-> <Multi-Proposal>
->
Relevant fields in the Phase-2 Profiles menu
| Field | Meaning |
|---|---|
| Description | Define a name for the profile. |
| Proposal | Defines the encryption and authentication algorithm to be used. |
| Use PFS Group | Determines whether or not PFS (Perfect Forwarding Secrecy) is used. |
| Lifetime | Defines the time or data volume after which re-authentication is carried out. |
Proceed as follows to change the profile for phase-2:
Under Description enter the name of the profile, for example, Phase2 .
Under Proposal Encryption select 3DES , under Authentication select SHA1 in the first entry. Since at least one proposal must be configured at any one time, the first entry in the list is enabled by default.
Select Use PFS Group.
Under Lifetime Seconds enter the time in seconds, in this example 3600 and leave the KBytes set to 0 .
Additional settings are required for the phase-2 configuration. For this, go to the following menu:
Go to
Phase-2 Profile ->
<Multi-Proposal>->
-> Advanced
Settings.
Relevant fields in the menu Advanced Settings
| Field | Meaning |
|---|---|
| Alive Check | Defines the type of phase monitoring. |
| Propagate PMTU | Determines whether or not the PMTU (Path Maximum Transfer Unit) is transferred. |
Proceed as follows:
Under Alive check select Inactive .
Deselect Propagate PMTU.
Confirm with OK.
Configure the phase 2 for the gateway in the branch in the same way.
| Copyright© Version 01/2020 bintec elmeg GmbH |