<< Create an IPsec Policy (1 of 4)

Create an IPsec Policy (3 of 4) >>

 

Example 1: IPsec VPN, Site-to-Site

Create an IPsec Policy (Step 2 of 4)

TMS zl Module A

TMS zl Module B

  1. For Key Exchange Method, accept the default: Auto (with IKEv1).

  2. For IKEv1 Policy, select researchFTP.

  3. Select the Enable PFS (Perfect Forward Secrecy) for keys check box, which forces the tunnel endpoints to generate new keys for the IPsec SA.

  4. From the Diffie-Hellman (DH) Group list, select Group 2.

  5. For SA Lifetime in seconds, type 86400 (one day).

  6. For SA lifetime in kilobytes, type 0.

  7. Click Next.

  1. For Key Exchange Method, accept the default: Auto (with IKEv1).

  2. For IKEv1 Policy, select FacultyAccess.

  3. Select the Enable PFS (Perfect Forward Secrecy) for keys check box, which forces the tunnel endpoints to generate new keys for the IPsec SA.

  4. From the Diffie-Hellman (DH) Group list, select Group 2.

  5. For SA Lifetime in seconds, type 86400 (one day).

  6. For SA lifetime in kilobytes, type 0.

  7. Click Next.

 

On this page of the Add IPsec Policy window, the settings for both sites should be identical.

<< Create an IPsec Policy (1 of 4)

Create an IPsec Policy (3 of 4) >>