Configuring a peer node – H3C Technologies H3C SecPath F1000-E User Manual

Page 242

230

Item

Description

Pre-Shared Key

Select the authentication method for IKE negotiation and specify the required
argument. Options include:

•

Pre-Shared Key—Uses the pre-shared key authentication method.

•

PKI Domain—Uses the RSA signature authentication method. Available PKI

domains are those configured by selecting VPN > Certificate Manager > Domain
from the navigation tree.

IMPORTANT:

If you select PKI Domain, an IKE proposal numbered 1 will be created.

PKI Domain

Enable DPD

Select this box to enable dead peer detection (DPD).

IMPORTANT:

If you enable DPD and the name of the IPsec VPN is abc, the wizard will create a DPD

named abc_dpd and apply it to peer abc_peer.

Click Next.

Figure 142 IPsec VPN policy configuration wizard: 4/4 (branch node)

Click Finish to complete the configuration.
The system will jump to the page that you can enter by selecting VPN > IPSec > IPSec Application
from the navigation tree.

Configuring a peer node

Select Peer Node from the first page of the IPsec VPN policy configuration wizard.

Click Next.

This manual is related to the following products:

H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS