Filter
Top Products
Virtual Private Networking Using IPSec and L2TP Connections
249
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308
Table 59. Add IKE Policy screen settings for a Mode Config configuration
Setting Description
Mode Config Record
Do you want to use
Mo
de Config Record?
Select the Yes radio button.
Note: Because Mode Config functions only in Aggressive mode, selecting the Yes
radio button sets the tunnel exchange mode to Aggressive mode. Mode Config
also requires that both the local and remote endpoints are defined by their FQDNs.
Select Mode
Config Re
cord
From the drop-down list, select the Mode Config record that
you created in Step 4 on page 247. This example uses NA
Sales.
General
Policy Name A descriptive name of the IKE policy for identification and management purposes.
Thi
s example uses ModeConfigAME_Sales.
Note: The name is not supplied to the remote VPN endpoint.
Direction / Type Responder is automatically selected when y
ou select the Mode Config record in
the Mode Config Record section of the screen. This ensures that the VPN firewall
responds to an IKE request from the remote endpoint but does not initiate one.
Exchange Mode Aggressive mode is automatically selected when you select the Mode Config
re
cord in the Mode Config Record section of the screen.
Local
Select Local Gateway Select a WAN interface from the drop-down l
ist to specify the WAN interface for the
local gateway.
Identifier Type From the drop-down list, select FQ
DN.
Note: Mode Config requires that the VPN firewal
l (that is, the local endpoint) is
defined by an FQDN.
Identifier Enter an FQDN for the VPN firewall. This example uses
router.com.
Remote
Identifier Type From the drop-down list, select FQ
DN.
Note: Mode Config requires that the remote en
dpoint is defined by an FQDN.
Identifier Enter the FQDN for the remote endpoint. This needs to be an
FQDN that is
not used in any other IKE policy. This example
uses client.com.