Compatible Systems INTRAPORT 2+ User Manual

44

Chapter 6 - Basic Configuration Guide

5. Set an IPSec Gateway.

For dual Ethernet setups, the IPSec Gateway is the equivalent of a
default gateway for the IPSec interface (Ethernet 1). Enter the TCP/IP
address of the upstream or Internet router for your network. This must
be an address on the same TCP/IP network as the Ethernet 1 address of
the IntraPort 2/2+.

For single Ethernet setups, the IPSec Gateway is an optional setting. It
serves as a default gateway for all IPSec (i.e., tunneled) traffic. Enter
the TCP/IP address of your Internet firewalling router. This must be an
address on the same TCP/IP network as the Ethernet 0 address of the
IntraPort 2/2+.

Use configure and set the IPSecGateway keyword in the General
section.

Example

configure general

[ General ] # ipsecgateway = 206.45.55.2

6. Set an IKE Policy.

There are two phases to the IKE negotiation. During Phase 1 negotia-
tion, the IntraPort and Client must authenticate each other. The IKE
Policy section controls this Phase 1 negotiation. Phase 2 negotiation
involves the setup of an individual tunnel connection and is controlled
by the Transform keyword in the VPN Group Name section, docu-
mented in Step 7.

Use configure and set the Protection keyword in the IKE Policy section.
The Protection keyword specifies a protection suite for the IKE negoti-
ation between the IntraPort server and client.

Example

configure IKE Policy

[ IKE Policy ]# protection=md5_des_g1