Справочник Пользователя для Ulterius Technologies LLC FDN40
CHAPTER 17: RAVPN
`FDN40ConfigUM/20160505
374
© Ulterius Technologies, LLC 2016. Confidential & Proprietary.
Screen 17-3: RAVPN Policy Type Configuration
17.3.4 Configuring IPSec mode
The mode of the IPSec is configured based on the set up for securing the
traffic. The mode can be either Tunnel or Transport.
traffic. The mode can be either Tunnel or Transport.
The Tunnel mode is used to protect traffic between a SG and a host or
between two security gateways. The Transport mode is used to protect traffic
between a pair of hosts or security gateways.
between two security gateways. The Transport mode is used to protect traffic
between a pair of hosts or security gateways.
Only the payload of the IP packet is encrypted and/or authenticated, when in
transport mode. The entire IP packet is encrypted and/or authenticated, when
in tunnel mode.
transport mode. The entire IP packet is encrypted and/or authenticated, when
in tunnel mode.
This section describes the steps involved in configuring the IPSec mode.
17.3.4.1 CLI Configuration
To configure the VPN policy mode
-
Enter the Global Configuration mode.
UltOs# configure terminal
-
Enter the Crypto Map Configuration mode for an existing policy.
UltOs(config)# crypto map crypto_map_name
-
Set the IPSec mode.
UltOs(config-crypto-map)# crypto ipsec mode tunnel
-
Exit from the Crypto Map Configuration mode.
UltOs(config-crypto-map)# end
To view the VPN policy parameters
-
View the parameters of the VPN policy.
UltOs# sh crypto map
VPN Policy Parameters
-------------------------