IPSEC VPN is a technology that provides a mechanism to establish encrypted network tunnels over non-secure infrastructure such as the internet. Security and data confidentiality are the primary requirements for IPSEC VPN, and the IPSEC VPN implementation on the ESG meets this requirement. The edge supports IKEv1 and the following parameters for IPSEC VPN:
Authentication |
|
Encryption algorithms AES |
|
Diffie Hellman groups DH2 |
|
In addition, each edge form factor supports a specific number of IPSEC VPN tunnels, which are follows:
Edge form factor | Number of IPSEC tunnels |
Compact | 512 |
Large | 1,600 |
Quad Large | 4,096 |
X-Large | 6,000 |
The ESG also supports IPSEC tunnel NAT traversal, so even if your edge is located behind a perimeter firewall which is performing NAT, as long as the appropriate DNAT rules have been configured on the perimeter firewall, you can establish an IPSEC tunnel with a remote endpoint.
In this recipe, we will configure...