Example – Westermo RedFox Series User Manual
Page 808
Westermo OS Management Guide
Version 4.17.0-0
Example
Alice’s Configuration
Bob’s Configuration
tunnel
tunnel
ipsec 0
ipsec 0
enable
enable
no aggressive
no aggressive
pfs
pfs
no ike
no ike
no esp
no esp
no peer
peer 10.10.1.2
no outbound
no outbound
local-id dn "C=US, O=ACME, CN=Alice"
local-id dn "C=US, O=FOOBAR, CN=Bob"
remote-id dn "C=US, O=FOOBAR, CN=Bob"
remote-id dn "C=US, O=ACME, CN=Alice"
local-subnet 10.0.1.0/24
local-subnet 10.0.2.128/29
remote-subnet 10.0.2.0/29
remote-subnet 10.0.1.0/24
method cert
method cert
local-cert AliceCert
local-cert BobCert
remote-cert BobCert
remote-cert AliceCert
no initiator
initiator
dpd-action clear
dpd-action restart
dpd-delay 30
dpd-delay 30
dpd-timeout 120
dpd-timeout 120
sa-lifetime 28800
sa-lifetime 28800
ike-lifetime 3600
ike-lifetime 3600
end
end
end
end
808
➞ 2015 Westermo Teleindustri AB