Support User Manuals

Cisco Systems OL-16647-01 Network Router User Manual

Open as PDF

of 1230

35-55

Cisco ASDM User Guide

OL-16647-01

Chapter 35 General

Mapping Certificates to IPSec or SSL VPN Connection Profiles

Add/Edit Site-to-Site Connection

The Add or Edit IPSec Site-to-Site Connection dialog box lets you create or modify an IPSec Site-to-Site

connection. These dialog boxes let you specify the peer IP address, specify a connection name, select an

interface, specify IKE peer and user authentication parameters, specify protected networks, and specify

encryption algorithms.

Fields

• Peer IP Address—Lets you specify an IP address and whether that address is static.

• Connection Name—Specifies the name assigned to this tunnel group. For the Edit function, this field

is display-only. You can specify that the connection name is the same as the IP address specified in

the Peer IP Address field.

• Interface—Selects the interface to use for this connection.

• IKE Authentication—Specifies the pre-shared key and ID certificate to use when authenticating an

IKE peer.

–

Pre-shared Key—Specify the value of the pre-shared key for the tunnel group. The maximum

length of the pre-shared key is 128 characters.

–

Identity Certificate—Specifies the name of the identity certificate, if available, to use for

authentication.

–

Manage—Opens the Manage CA Certificates window, on which you can see the certificates that

are already configured, add new certificates, show details for a certificate, and edit or delete a

certificate.

• Protected Networks—Selects or specifies the local and remote network protected for this

connection.

–

Local Network—Specifies the IP address of the local network.

–

...—Opens the Browse Local Network dialog box, on which you can select a local network.

–

Remote Network—Specifies the IP address of the remote network.

–

...—Opens the Browse Remote Network dialog box, on which you can select a remote network.

• Encryption Algorithm—Specifies the encryption algorithms to use in the IKE and IPSec proposals.

–

IKE Proposal—Specifies one or more encryption algorithms to use for the IKE proposal.

–

Manage—Opens the Configure IKE Proposals dialog box.

–

IPSec Proposal—Specifies one or more encryption algorithms to use for the IPSec proposal.

Modes

The following table shows the modes in which this feature is available:

Firewall Mode Security Context

Routed Transparent Single

Multiple

Context System

• — • ——

previous next