H3C Technologies H3C SecPath F1000-E User Manual
Page 243
231
Figure 143 IPsec VPN policy configuration wizard: 2/4 (peer node)
3.
Configure the parameters as described in
.
Table 20 Configuration items
Item
Description
IPSec VPN Name
Enter the name for the IPsec VPN.
IMPORTANT:
If you enter abc here, the wizard will create an IKE peer named abc_peer, an
IPsec proposal named abc_prop, and an IPsec policy named abc_poli and
numbered 1. The IKE peer and IPsec proposal will be referenced in the IPsec
policy.
IPSec Interface
Select the interface to which you want to apply the IPsec policy.
Remote IP Address
Enter the remote IP address for IKE negotiation.
IMPORTANT:
The IP address specified here must match the local IP address specified on the
peer.
Identity
Configuration
Local IP
Address
Specify the ID type of the local end for IKE negotiation phase 1. Options
include:
•
Local IP Address—Uses the IP address of the local gateway as the ID. If you
do not specify the IP address, the default (the primary IP address of the
interface using the security policy) is used.
•
Local Gateway Name—Uses the name of the local gateway as the ID. This
option is not available because the local end cannot use its local gateway
name for IKE negotiation when the peer node uses the negotiation mode of
main.
Local
Gateway
Name
4.
Click Next.
- H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS