Configuring an ike proposal, Adding gre over ipsec tunnels – H3C Technologies H3C Intelligent Management Center User Manual

Page 89

Advertising
background image

79

c.

Select the IPsec proposal template in the IPsec Proposal List.

d.

Click OK.
The parameters in the IPsec proposal template are automatically filled in the IPsec proposal
configuration page.

e.

Click OK.

Configuring an IKE proposal

1.

Click Add in the IKE Proposal area.

2.

Enter a sequence number in the Proposal Num. box.
A smaller sequence number determines a higher matching priority. You can manually configure

the IKE proposal through step 3, or import an IKE proposal template through step 4.

3.

Configure the IKE proposal:

a.

Select DES, 3DES, AES(128), AES(192), or AES(256) from the Encryption Algorithm list.

b.

Select MD5 or SHA1 from the Authentication Algorithm list

c.

Select DH Group 1, DH Group 2, DH Group 5, or DH Group 14 from the DH Group ID list.

d.

Enter the ISAKMP SA lifetime in seconds in the ISAKMP SA Life Time box.

e.

Click OK.
The IKE Authentication method cannot be modified when you configure the IKE proposal. For
information about modifying this parameter, see "

Configuring default IPsec and IKE settings

."

4.

Import an IKE proposal template:

a.

Click the Import icon

next to the proposal number.

The Query IKE Proposals window appears. This window automatically filters IKE proposal
templates that do not match the IKE Authentication method set in "

Configuring default IPsec

and IKE settings

."

You can add, modify, and delete IKE proposal templates in IKE Proposals. For more
information about IKE proposal templates, see "

Managing IKE proposals

."

b.

Enter the name of the IKE proposal template you want to query, and click Query.

c.

Select the IKE proposal template in the IKE Proposal List.

d.

Click OK.
The parameters in the IKE proposal template are automatically filled in the IKE proposal
configuration page.

e.

Click OK.

Adding GRE over IPsec tunnels

1.

From the navigation tree, select IPsec VPN Manager > IPsec Resources > VPN Domains.

2.

Click a VPN domain name in the VPN Domain List to enter the VPN domain page.

3.

Click Global Setup to view VPN domain configuration, including basic VPN domain settings and
security proposals.
For more information about VPN domains, see "

Adding GRE over IPsec VPN domains

."

4.

Click Back.

5.

Click Add in the Tunnel List area to add GRE over IPsec tunnels as follows:

Advertising
Popular Brands
Popular manuals