Ipsec vpn configuration wizard, Overview, Configuring an ipsec vpn – H3C Technologies H3C SecPath F1000-E User Manual
Page 58
1
IPsec VPN Configuration Wizard
Overview
The IPsec VPN policy configuration wizard provides a way to configure IPsec VPNs easily. For more
information about IPsec and IKE, see IPsec Configuration and IKE Configuration.
IPsec VPN supports two networking modes: center-branch mode and peer-peer mode.
•
Center-branch mode applies to one-to-many networks as shown in
. A network in this mode
uses the aggressive mode for IKE negotiation and uses the security gateway name or IP address as
the ID type at the local end. The center node never initiates IPsec SA negotiation; the branch nodes
must take the responsibility.
Figure 1 Center-branch networking mode
•
Peer-peer mode applies to one-to-one networks as shown in
. A network in this mode uses
the main mode for IKE negotiation and can use only the ID type of IP address at the local end. Either
of the two peers can initiate IPsec SA negotiation.
Figure 2 Peer-peer networking mode
Internet
Peer node
Peer node
Configuring an IPsec VPN
Launching the IPsec VPN Policy Configuration Wizard
Select Wizard from the navigation tree to enter the Configuration Wizard page, and then click the
IPSec VPN Deployment hyperlink to enter the first page of the IPsec VPN policy configuration page,
.