Virtual Private Networking Using IPSec and L2TP Connections
247
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
4. Click Apply to save your settings. The new Mode Config record is added to the List of Mode
Config Records table.
Continue the Mode Config configuration procedu
re by configuring an IKE policy.
5. Select VP
N > IPSec VPN. The IPSec VPN submenu tabs display with the IKE Policies
screen in view (see Figure 154 o
n page 226).
6. Unde
r the List of IKE Policies table, click the Add table button. The Add IKE Policy screen
displays the IPv4 settings (see the next figure).
7. S
pecify the IP version for which you want to add an IKE policy:
• IP
v4. In the upper right of the screen, the IPv4 radio button is already selected by
default. Go to Step 8.
• IP
v6. Select the IPv6 radio button. The Add IKE Policy screen for IPv6 displays. This
screen is identical to the Add IKE Policy screen for IPv4 (see the next figure).
Note: You can configure an IPv6 IKE policy to assign IPv4 addresses to
clients, but you cannot assign IPv6 addresses to clients.
Integrity Algorithm From the drop-down list, select one of the following two algorithms to be used in the
VPN header for the authentication process:
• SHA-1.
Hash algorithm that produces a 160-bit digest. This is the default setting.
• MD
5. Hash algorithm that produces a 128-bit digest.
Local IP Address The local IP address to which remote VPN clients have access. If you do not
specify a local IP address, the VPN firewall’s default LAN IP address is used (by
default, 192.168.1.1).
Local Subnet Mask The local subnet mask. Typically, this is 255.255.255.0.
Note: If you do not specify a local IP address, you do not need to specify a subnet
either.
Table 58. Add Mode Config Record screen settings (continued)
Setting Description