Changes

Domnev (view source)

Revision as of 16:40, 11 April 2023

377 bytes added , 16:40, 11 April 2023

no edit summary

Line 69: Line 69:

# '''''Enable''''' '''''Local firewall;'''''

−

# Remote source IP - '''''10.20.30.0/24;'''''

+

# Remote source IP - '''''10.20.30.0/24;'''''

−

# Remote DNS '''''9.9.9.9;'''''

+

# Remote DNS - '''''9.9.9.9;'''''

</td>

</tr>

Line 88: Line 88:

# Authentication - '''''SHA512;'''''

# DH group - '''''ECP521;'''''

+

# Force crypto proposal - '''enabled'''.

</td>

</tr>

Line 103: Line 104:

# Authentication - '''''SHA256;'''''

# DH group - '''''ECP521;'''''

+

# Force crypto proposal - '''enabled'''.

</td>

</tr>

</table>

+

'''Force crypto proposal''' option as it simplifies which algorithm suite will be used for both phases.

==RUT2 (Spoke) configuration==

Line 156: Line 160:

# Authentication - '''''SHA512;'''''

# DH group - '''''ECP521;'''''

+

# Force crypto proposal - '''enabled'''.

</td>

</tr>

Line 171: Line 176:

# Authentication - '''''SHA256;'''''

# DH group - '''''ECP521;'''''

+

# Force crypto proposal - '''enabled'''.

</td>

</tr>

</table>

+

'''Force crypto proposal''' option as it simplifies which algorithm suite will be used for both phases.

==Testing the configuration==

Domnev

Administrators

1,108

edits