The Configuration | User Management | Base Group screen with
the IPSec tab selected is used to configure IP Security Protocol parameters that
apply to the base group. This section would apply if IPSec or L2TP over IPSec
were selected on the General Parameters tab. Figure 14-22 shows the default
settings. The options are self-explanatory and the Help system provides enough
information, including default values, to make appropriate choices.
The IPSec SA option contains a drop-down menu button to select the
default IPSec security association (SA) assigned to IPSec clients during tunnel
negotiation. Remote-access clients must have a default SA defined, while
LAN-to-LAN connections ignore this selection and use parameters from the
Configuration | System | Tunneling Protocols | IPSec LAN-to-LAN screens.
The Default Preshared Key option (the third option from the
bottom) is used to define the preshared secret key. Use a minimum of four
options and a maximum of 32 alphanumeric characters. This option allows the
following VPN clients to connect to the VPN Concentrator:
-
VPN clients that use preshared secrets, but don’t support
“groups,” such as the Microsoft Windows XP L2TP/IPSec client
-
VPN router devices that are creating inbound connections
from nonfixed IP addresses using preshared secrets
Sections
Comments (0 posted)
Syndication
