English (GB) Deutsch
Print Friendly and PDF

Articles in this section

IPsec-VPN-Parameter for VPN-Clients

Avatar
Boldt, Stephan
  • Updated
Follow

Table of IPsec parameter for connecting a VPN-Client of a UC Tenant in SwyxON

 

General:

Gateway IP: 89.184.168.109

NAT Traversal:  Disabled   (Enabled when NAT network is used)

IKE Exchange: Main Mode

Short hold time: 9999

DPD: 60 seconds

IKE-CFG: Server

 

Phase 1:

For the key-exchange IKEv1 or IKEv2 is used.

IKE Group:  Group 5 MODP1536  

IKE proposal list: PSK-AES256-SHA256

Authentication: Pre Shared Key

Lifetime: 86400 (24hours)

Phase 2:

Proposal: AES256-SHA

Mode: Tunnel

PFS Group: Group 5 MODP1536

Encryption ESP: AES-CBC

Key: 256

Auth.(ESP): HMAC-SHA1

Auth. (AH): No AH

Compr.(IPCOMP): No IPCOMP

Lifetime: 3600 (1 hour)

 

Access Lists and Routes:

Please note that the access lists must be adapted to the network infrastructure and the VPN gateway on the customer side.

In addition, the UC Tenant Administrator must define a central route to the UC Tenant and select the VPN device as the gateway.

Related articles

Comments

0 comments

Please sign in to leave a comment.