2 ipsec settings, 3 debug options, 4 connections – NEXCOM IFA 1610 User Manual

Copyright © 2014 NEXCOM International Co., Ltd. All Rights Reserved.

IFA 3610/IFA 2610/IFA 1610 User Manual

Chapter 7: The VPN Menu

64

7.3.2 IPsec Settings

In this box a few global IPsec options can be set, namely two for Dead peer detection, and quite a lot debugging options.
Additionally, configuration of certificates used in IPsec tunnelled connections is also carried out here.

Roadwariors virtual IP pool
The IP interval from which all roadwarrior connections receive their IP address.

Ping delay (in seconds)
The amount of seconds between two successive pings, used to detect whether the connection is still active.

Timeout interval (in seconds) - IKEv1 only
The maximum amount in seconds of the exchange interval for the IKEv1 protocol.

Hint:

IKEv2 does not need a timeout interval, as it is capable of detecting when the other endpoint does not reply and

which actions to take.

Certificate configuration
Certificate configuration and management is carried out exactly like in the case of OpenVPN server (in Menubar

► VPN

► OpenVPN server), in which all the various management modalities are explained.

7.3.3 Debug Options

Debug options are rather advanced settings and usually not needed, as they only will increase the number of events and
messages recorded in the log file.

The activation of all those options proves useful when issues are experienced during the establishment of a connection
or to produce more precise and technical messages about the normal operations of a tunnel. This way, the log file will
contain very detailed options.

7.3.4 Connections

In this table are shown all the already configured IPsec connection, with the following information:

▪ Name. The name given to the connection.

▪ Type. What kind of tunnel is used.

▪ Common Name. The name of the certificate used to authenticate the connection.

▪ Remark. A comment about the connection.

▪ Status. Whether the connection is either Closed, Connecting or Established.

▪ Actions. The possible operations that can be made on each tunnel:

▪ - the connection is active or not.

▪ - modify the connection’s configuration

▪ - restart the connection.

▪ - display detailed information about the connection.

▪ - remove the connection.

Hint: When a connection is reset from the appliance, it is necessary for the client to reconnect in order to establish the
connection.

Upon clicking on Add new Connection, a panel will appear, which contains all options needed to set up a new IPsec
connection.

Name
The name of the connection.

Remark
A comment for the connection.