Szablon: Web ipsec: Różnice pomiędzy wersjami

Z Elproma Wiki Knowledge Base
Skocz do: nawigacja, szukaj
(Utworzono nową stronę "The <b>IPsec</b> page of {{{model}}} router is used to configure IPsec tunnel. ==IPsec== IPsec {| class="wikitable" |- ! Name ! Description |- | | |} 800px|border|class=tlt-border [[Category:{{{model}}} User Manual]]")
 
Linia 1: Linia 1:
The <b>IPsec</b> page of {{{model}}} router is used to configure IPsec tunnel.
The <b>IPsec</b> page of {{{model}}} router is used to configure IPsec tunnel.


==IPsec==
==Tunnels Configuration==


IPsec
In <b>Tunnels Configuration</b> part you can add, edit or delete IPsec tunnel. To add new tunnel use Add button.
 
[[File:web_vpnipsec.png|800px|border|class=tlt-border]]
 
===Tunnel details===
 
{| class="wikitable"
|-
  ! Name
  ! Value
  ! Description
|-
  | Local LAN
  |
  |
|-
  | Remote LAN
  |
  |
|-
  | Version of IKE to negotiation
  | IKEv2, IKEv1 or IKEv1 + IKEv2. Default: IKEv2
  |
|}
 
[[File:web_vpnipsect.png|800px|border|class=tlt-border]]
 
===Advanced tunnel configuration===


{| class="wikitable"
{| class="wikitable"
|-
|-
   ! Name
   ! Name
  ! Value
   ! Description
   ! Description
|-
|-
  | crypto_proposal
  | list
  | List of ESP (phase two) proposals
|-
  | Local NAT
  | IPv4 in CIDR format
  | NAT range for tunnels with overlapping IP addresses
|-
  | startaction
  | route, start or none
  | Action on initial configuration load (none, start, route)
|-
  | updown
  | file
  | Path to script to run on CHILD_SA up/down events
|-
  | lifetime
  |
  | Maximum duration of the CHILD_SA before closing (defaults to 110% of rekeytime)
|-
  | rekeytime
   |  
   |  
  | Duration of the CHILD_SA before rekeying
|-
  | dpdaction
  | none, clear, hold, restart, trap or start
  | Action done when DPD timeout occurs
|-
  | closeaction
  | add, route, start, none or trap
  | Action done when CHILD_SA is closed
|-
  | if_id
   |  
   |  
  | XFRM interface ID set on input and output interfaces (should be coordinated with “ifid” values in route entries on “xfrm” interfaces
|-
  | priority
  | integer equal or higher than 0
  | Priority of the CHILD_SA
|-
  | ipcomp
  | On/Off, default: Off
  | Enable ipcomp compression
|-
  | hw_offload
  | On/Off, default: Off
  | Enable H/W offload
|}
|}


[[File:web_vpnipsec.png|800px|border|class=tlt-border]]
[[File:web_vpnipseca.png|800px|border|class=tlt-border]]


[[Category:{{{model}}} User Manual]]
[[Category:{{{model}}} User Manual]]

Wersja z 11:13, 4 lis 2022

The IPsec page of {{{model}}} router is used to configure IPsec tunnel.

Tunnels Configuration

In Tunnels Configuration part you can add, edit or delete IPsec tunnel. To add new tunnel use Add button.

Web vpnipsec.png

Tunnel details

Name Value Description
Local LAN
Remote LAN
Version of IKE to negotiation IKEv2, IKEv1 or IKEv1 + IKEv2. Default: IKEv2

Web vpnipsect.png

Advanced tunnel configuration

Name Value Description
crypto_proposal list List of ESP (phase two) proposals
Local NAT IPv4 in CIDR format NAT range for tunnels with overlapping IP addresses
startaction route, start or none Action on initial configuration load (none, start, route)
updown file Path to script to run on CHILD_SA up/down events
lifetime Maximum duration of the CHILD_SA before closing (defaults to 110% of rekeytime)
rekeytime Duration of the CHILD_SA before rekeying
dpdaction none, clear, hold, restart, trap or start Action done when DPD timeout occurs
closeaction add, route, start, none or trap Action done when CHILD_SA is closed
if_id XFRM interface ID set on input and output interfaces (should be coordinated with “ifid” values in route entries on “xfrm” interfaces
priority integer equal or higher than 0 Priority of the CHILD_SA
ipcomp On/Off, default: Off Enable ipcomp compression
hw_offload On/Off, default: Off Enable H/W offload

Web vpnipseca.png

[[Category:{{{model}}} User Manual]]

Źródło: „http://wiki.elpromaelectronics.com/index.php?title=Szablon:Web_ipsec&oldid=1038