VPN > IPsec > IKEv1 Policies

On this window, you configure IKEv1 policies, which are Step 1 in configuring an IPsec VPN with IKE and Step 2 in configuring an L2TP Layer 2 Tunneling Protocol over IPsec VPN.

To see detailed instructions for configuring IPsec VPNs on the Threat Management Services (TMS) zl Module (including an explanation for the figure below), click here.

 

To see detailed instructions for configuring L2TP over IPsec VPNs on the TMS zl Module (including an explanation for the figure below), click here.

 

  • Add IKE Policy — Click to add an IKE policy.

Click the  icon to see the explanation for a field, or click here to see an explanation of all fields.

Step 1 of 3

  • IKE Policy Name 

  • IKE Policy Type 

  • Local Gateway 

  • Site-to-site only: Remote Gateway 

  • Local ID 

  • Remote ID 

Step 2 of 3

  • Key Exchange Mode 

  • Authentication Method 

 

If you are configuring an IKE policy for Windows 2000 or XP VPN clients, and you are using the clients' default settings, you MUST configure the IKE policy with one of these combinations of settings.

  • Diffie-Hellman (DH) Group 

  • Encryption Algorithm 

  • Authentication Algorithm 

  • SA Security Association Lifetime in seconds 

Step 3 of 3

  • XAUTH eXtended AUTHentication Configuration 

 

If you enable the XAUTH server, you must also have access to user credentials that are configured on the TMS zl Module or on a RADIUS server.