Changes

no edit summary
Line 724: Line 724:  
The <b>general settings</b> section is used to configure the main IPsec parameters. Refer to the figure and table below for information on the configuration fields located in the general settings section.
 
The <b>general settings</b> section is used to configure the main IPsec parameters. Refer to the figure and table below for information on the configuration fields located in the general settings section.
   −
[[File:Networking_rutos_vpn_ipsec_ipsec_instance_general_settings.png|border|class=tlt-border]]
+
[[File:Networking_rutos_vpn_ipsec_ipsec_instance_general_settings_v1.png|border|class=tlt-border]]
    
<table class="nd-mantable">
 
<table class="nd-mantable">
Line 744: Line 744:  
     <tr>
 
     <tr>
 
       <td>Authentication method</td>
 
       <td>Authentication method</td>
       <td>Pre-shared key {{!}} X.509; default: <b>Pre-shared key</b></td>
+
       <td>Pre-shared key {{!}} <span style="color:darkred">X.509 {{!}} EAP</span> {{!}} <span style="color:blue">PKCS#12</span>; default: <b>Pre-shared key</b></td>
 
       <td>Specify authentication method. Choose between Pre-shared key and X.509 certificates.</td>
 
       <td>Specify authentication method. Choose between Pre-shared key and X.509 certificates.</td>
 +
    </tr>
 +
    <tr>
 +
    <td><span style="color:blue">PKCS#12:</span> PKCS12 container</td>
 +
        <td>string; default: <b>none</b></td>
 +
        <td></td>
 +
    </tr>
 +
    <tr>
 +
    <td><span style="color:blue">PKCS#12:</span> PKCS12 decryption passphrase</td>
 +
        <td>string; default: <b>none</b></td>
 +
        <td></td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
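Review bot: The description cell for Authentication method still reads "Choose between Pre-shared key and X.509 certificates." although the value cell now also lists EAP and PKCS#12; update it to name all four methods. The two added PKCS#12 rows (PKCS12 container, PKCS12 decryption passphrase) have an empty description cell; say what file the container field expects and that the passphrase must be defined when the container is encrypted, in the same way the Key decryption passphrase row does. The added labels also mix "PKCS#12" and "PKCS12"; pick one spelling.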
Line 758: Line 768:  
   </tr> -->
 
   </tr> -->
 
     <tr>
 
     <tr>
     <td><span style="color:darkred">X.509:</span> Key</td>
+
     <td><span style="color:darkred">X.509: {{!}} EAP:</span> Key</td>
 
         <td>A private key file; default: <b>none</b></td>
 
         <td>A private key file; default: <b>none</b></td>
 
         <td>A private key file.</td>
 
         <td>A private key file.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
     <td><span style="color:darkred">X.509:</span> Key decryption passphrase</td>
+
     <td><span style="color:darkred">X.509: {{!}} EAP:</span> Key decryption passphrase</td>
 
         <td>A password for private key files; default: <b>none</b></td>
 
         <td>A password for private key files; default: <b>none</b></td>
 
         <td>If the private key file is encrypted, the passphrase must be defined.</td>
 
         <td>If the private key file is encrypted, the passphrase must be defined.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
     <td><span style="color:darkred">X.509:</span> Local Certificate</td>
+
     <td><span style="color:darkred">X.509: {{!}} EAP:</span> Local Certificate</td>
 
         <td>.der file; default: <b>none</b></td>
 
         <td>.der file; default: <b>none</b></td>
 
         <td>A local certificate file.</td>
 
         <td>A local certificate file.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
     <td><span style="color:darkred">X.509:</span> CA Certificate</td>
+
     <td><span style="color:darkred">X.509: {{!}} EAP:</span> CA Certificate</td>
 
         <td>.der file; default: <b>none</b></td>
 
         <td>.der file; default: <b>none</b></td>
 
         <td>A certificate authority file.</td>
 
         <td>A certificate authority file.</td>
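Review bot: The new label prefix "X.509: {{!}} EAP:" puts a colon after each method, while the Authentication method value cell writes "X.509 {{!}} EAP" and the secrets table uses a single trailing colon in "RSA {{!}} PKCS#12:"; use one form throughout, for example "X.509 {{!}} EAP:". The four descriptions are left as they were ("A private key file.", "A local certificate file.", "A certificate authority file."), so the page does not say whether the key and certificates serve the same purpose under EAP as under X.509; one sentence on that would make the relabelling meaningful.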
Line 809: Line 819:  
         <ul>
 
         <ul>
 
             <li>Chocolate for <span style="color: chocolate;">Authentication method: Pre-shared key</span></li>
 
             <li>Chocolate for <span style="color: chocolate;">Authentication method: Pre-shared key</span></li>
             <li>Dark red for <span style="color: darkred;">Authentication method: X.509</span></li>
+
             <li>Dark red for <span style="color: darkred;">Authentication method: X.509/EAP</span></li>
 +
            <li>Blue for <span style="color: blue;">Authentication method: PKCS#12</span></li>
 
         </ul>
 
         </ul>
 
     </li>
 
     </li>
Line 829: Line 840:  
     <td>ID Selector</td>
 
     <td>ID Selector</td>
 
         <td>%any, IP or FQDN; default: <b>none</b></td>
 
         <td>%any, IP or FQDN; default: <b>none</b></td>
         <td>Each secret can be preceded by a list of optional ID selectors. A selector is an IP address, a Fully Qualified Domain Name, user@FQDN or %any. When using IKEv1 use IP address.</br><b>NOTE:</b> IKEv1 only supports IP address ID selector.</td>
+
         <td>Each secret can be preceded by a list of optional ID selectors. A selector is an IP address, a Fully Qualified Domain Name, user@FQDN or %any. When using IKEv1 use IP address. <b>NOTE:</b> IKEv1 only supports IP address ID selector.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
 
       <td>Type</td>
 
       <td>Type</td>
       <td>psk {{!}} xauth; default: <b>psk</b></td>
+
       <td>PSK {{!}} XAUTH {{!}} EAP {{!}} <span style="color:darkred">RSA</span> {{!}} <span style="color:darkred">PKCS#12</span>; default: <b>PSK</b></td>
       <td>IPSec secret type.</br><b>NOTE:</b> XAUTH secrets are IKEv1 only.</td>
+
       <td>IPSec secret type. <b>NOTE:</b> XAUTH secrets are IKEv1 only.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
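Review bot: In the Type row the added values EAP, RSA and PKCS#12 get no explanation; the description still only says "IPSec secret type." plus the XAUTH note. Describe each new type, or at least state which IKE versions they apply to, as the note already does for XAUTH. PKCS#12 is wrapped in darkred here, but the legend changed in this same revision assigns blue to PKCS#12 and darkred to X.509/EAP, so the colour should match the legend or the secrets table needs its own key. In the ID Selector cell, with the line break removed, "When using IKEv1 use IP address." and the NOTE now say the same thing back to back; drop the first sentence.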
Line 842: Line 853:  
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
     <td><span style="color:darkred">RSA</span> Secret</td>
+
     <td><span style="color:darkred">RSA {{!}} PKCS#12:</span> Secret</td>
 
         <td>Private key file; default: <b>none</b></td>
 
         <td>Private key file; default: <b>none</b></td>
 
         <td>A private key file.</td>
 
         <td>A private key file.</td>
 
     </tr>
 
     </tr>
 
     <tr>
 
     <tr>
     <td><span style="color:darkred">RSA</span> Key decryption passphrase</td>
+
     <td><span style="color:darkred">RSA {{!}} PKCS#12:</span> Key decryption passphrase</td>
 
         <td>A password for private key files; default: <b>none</b></td>
 
         <td>A password for private key files; default: <b>none</b></td>
 
         <td>If the private key file is encrypted, the passphrase must be defined.</td>
 
         <td>If the private key file is encrypted, the passphrase must be defined.</td>
    </tr>
  −
</table>
  −
  −
====Advanced Settings====
  −
----
  −
  −
The <b>Advanced settings</b> section is only visible when <b>X.509</b> is selected as Authentication method.
  −
  −
[[File:Networking_rutos_vpn_ipsec_ipsec_instance_advanced_settings.png|border|class=tlt-border]]
  −
  −
<table class="nd-mantable">
  −
    <tr>
  −
        <th>Field</th>
  −
      <th>Value</th>
  −
      <th>Description</th>
  −
    </tr>
  −
    <!-- removed on 7.0, to return on 7.1 <tr>
  −
    <td>Certificate files from device</td>
  −
        <td>off | on; default: <b>off</b></td>
  −
        <td>Uses certificate file generated on this device instead of uploading. (You can generate certificates within this device via the System → Administration → [[{{{name}}}_Administration#Certificates|Certificates]] page.)</td>
  −
    </tr> -->
  −
    <tr>
  −
    <td>Remote Certificate</td>
  −
        <td>.crt file; default: <b>none</b></td>
  −
        <td>Selects a certificate file from a computer.</td>
   
     </tr>
 
     </tr>
 
</table>
 
</table>
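Review bot: The removal of the whole Advanced Settings section, including the Remote Certificate field, is unexplained (the revision has no edit summary) and none of the added lines say where that setting went; confirm the field is gone from the interface for X.509 and state that, or keep the row. In the relabelled "RSA {{!}} PKCS#12: Secret" row the value and description still read "Private key file", whereas the general settings table calls the PKCS#12 input a "PKCS12 container"; reword both cells to cover the container case. The same applies to "Key decryption passphrase", whose description mentions only a private key file.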
Line 886: Line 872:  
----
 
----
   −
[[File:Networking rutos vpn ipsec connection settings general settings v2.png|border|class=tlt-border]]
+
[[File:Networking rutos vpn ipsec connection settings general settings v3.png|border|class=tlt-border]]
    
<table class="nd-mantable">
 
<table class="nd-mantable">
Line 958: Line 944:  
====Advanced settings====
 
====Advanced settings====
 
----
 
----
[[File:Networking_rutos_vpn_ipsec_connection_settings_advanced_settings_v2.png|border|class=tlt-border]]
+
[[File:Networking_rutos_vpn_ipsec_connection_settings_advanced_settings_v3.png|border|class=tlt-border]]
    
<table class="nd-mantable">
 
<table class="nd-mantable">
