IKEv1 Configuration Examples » History » Version 18
Version 17 (Andreas Steffen, 21.05.2021 13:15) → Version 18/19 (Andreas Steffen, 07.07.2021 03:59)
h1. IKEv1 Configuration Examples
h2. Remote Access
|RSA authentication with X.509 certificates |{{tc(ikev1/rw-cert,IPv4)}} |{{tc_dr(ikev1/rw-cert,IPv4)}} |{{tc(ipv6/rw-ikev1,IPv6)}} |{{tc(ikev1/nat-rw,NAT)}} |{{tc_dr(ikev1/nat-rw,NAT)}} |
|PSK authentication with pre-shared keys |{{tc(ikev1/rw-psk-ipv4,IPv4)}} |{{tc_dr(ikev1/rw-psk-ipv4,IPv4)}} |{{tc(ipv6/rw-psk-ikev1,IPv6)}} | |
|RSA with XAUTH authentication |{{tc(ikev1/xauth-rsa,IPv4)}} |{{tc_dr(ikev1/xauth-rsa,IPv4)}} | | |
|PSK with XAUTH authentication |{{tc(ikev1/xauth-psk,IPv4)}} |{{tc_dr(ikev1/xauth-psk,IPv4)}} | | |
|Hybrid RSA (server) / XAUTH (client) authentication|{{tc(ikev1/xauth-id-rsa-hybrid,IPv4)}}| authentication|{{tc_dr(ikev1/xauth-id-rsa-hybrid,IPv4)}}| | |
h2. Remote Access with Virtual IP Adresses
|DB-based server-side virtual IP pool |{{tc(ikev1/ip-pool-db,IPv4)}} |{{tc_dr(ikev1/ip-pool-db,IPv4)}} |
|Static server-side virtual IP addresses |{{tc(ikev1/config-payload,IPv4)}} |{{tc_dr(ikev1/config-payload,IPv4)}} |
|Static server-side virtual IP addresses in push mode |{{tc(ikev1/config-payload-push,IPv4)}}| |{{tc_dr(ikev1/config-payload-push,IPv4)}}|
|Static client-side virtual IP addresses |{{tc(ikev1/virtual-ip,IPv4)}} |{{tc_dr(ikev1/virtual-ip,IPv4)}} |
|RSA with XAUTH authentication and virtual IP addresses|{{tc(ikev1/xauth-id-rsa-config,IPv4)}}| addresses|{{tc_dr(ikev1/xauth-id-rsa-config,IPv4)}}|
|PSK with XAUTH authentication and virtual IP addresses|{{tc(ikev1/xauth-id-psk-config,IPv4)}}| addresses|{{tc_dr(ikev1/xauth-id-psk-config,IPv4)}}|
h2. Site-to-Site
|RSA authentication with X.509 certificates|{{tc(ikev1/net2net-cert,IPv4)}}|{{tc(ipv6/net2net-ikev1,IPv6)}} certificates|{{tc_dr(ikev1/net2net-cert,IPv4)}}|{{tc(ipv6/net2net-ikev1,IPv6)}} |
|PSK authentication with pre-shared keys |{{tc(ikev1/net2net-psk,IPv4)}} |{{tc_dr(ikev1/net2net-psk,IPv4)}} | |
h2. Host-to-Host
|IPsec tunnel mode with X.509 certificates |{{tc(ikev1/host2host-cert,IPv4)}} |{{tc_dr(ikev1/host2host-cert,IPv4)}} |{{tc(ipv6/host2host-ikev1,IPv6)}} |
|IPsec transport mode with X.509 certificates|{{tc(ikev1/host2host-transport,IPv4)}}|{{tc(ipv6/transport-ikev1,IPv6)}} certificates|{{tc_dr(ikev1/host2host-transport,IPv4)}}|{{tc(ipv6/transport-ikev1,IPv6)}} |
h2. Complete List
{{tc(ikev1,All {{tc_dr(ikev1,All IKEv1 test scenarios)}}
h2. Remote Access
|RSA authentication with X.509 certificates |{{tc(ikev1/rw-cert,IPv4)}} |{{tc_dr(ikev1/rw-cert,IPv4)}} |{{tc(ipv6/rw-ikev1,IPv6)}} |{{tc(ikev1/nat-rw,NAT)}} |{{tc_dr(ikev1/nat-rw,NAT)}} |
|PSK authentication with pre-shared keys |{{tc(ikev1/rw-psk-ipv4,IPv4)}} |{{tc_dr(ikev1/rw-psk-ipv4,IPv4)}} |{{tc(ipv6/rw-psk-ikev1,IPv6)}} | |
|RSA with XAUTH authentication |{{tc(ikev1/xauth-rsa,IPv4)}} |{{tc_dr(ikev1/xauth-rsa,IPv4)}} | | |
|PSK with XAUTH authentication |{{tc(ikev1/xauth-psk,IPv4)}} |{{tc_dr(ikev1/xauth-psk,IPv4)}} | | |
|Hybrid RSA (server) / XAUTH (client) authentication|{{tc(ikev1/xauth-id-rsa-hybrid,IPv4)}}| authentication|{{tc_dr(ikev1/xauth-id-rsa-hybrid,IPv4)}}| | |
h2. Remote Access with Virtual IP Adresses
|DB-based server-side virtual IP pool |{{tc(ikev1/ip-pool-db,IPv4)}} |{{tc_dr(ikev1/ip-pool-db,IPv4)}} |
|Static server-side virtual IP addresses |{{tc(ikev1/config-payload,IPv4)}} |{{tc_dr(ikev1/config-payload,IPv4)}} |
|Static server-side virtual IP addresses in push mode |{{tc(ikev1/config-payload-push,IPv4)}}| |{{tc_dr(ikev1/config-payload-push,IPv4)}}|
|Static client-side virtual IP addresses |{{tc(ikev1/virtual-ip,IPv4)}} |{{tc_dr(ikev1/virtual-ip,IPv4)}} |
|RSA with XAUTH authentication and virtual IP addresses|{{tc(ikev1/xauth-id-rsa-config,IPv4)}}| addresses|{{tc_dr(ikev1/xauth-id-rsa-config,IPv4)}}|
|PSK with XAUTH authentication and virtual IP addresses|{{tc(ikev1/xauth-id-psk-config,IPv4)}}| addresses|{{tc_dr(ikev1/xauth-id-psk-config,IPv4)}}|
h2. Site-to-Site
|RSA authentication with X.509 certificates|{{tc(ikev1/net2net-cert,IPv4)}}|{{tc(ipv6/net2net-ikev1,IPv6)}} certificates|{{tc_dr(ikev1/net2net-cert,IPv4)}}|{{tc(ipv6/net2net-ikev1,IPv6)}} |
|PSK authentication with pre-shared keys |{{tc(ikev1/net2net-psk,IPv4)}} |{{tc_dr(ikev1/net2net-psk,IPv4)}} | |
h2. Host-to-Host
|IPsec tunnel mode with X.509 certificates |{{tc(ikev1/host2host-cert,IPv4)}} |{{tc_dr(ikev1/host2host-cert,IPv4)}} |{{tc(ipv6/host2host-ikev1,IPv6)}} |
|IPsec transport mode with X.509 certificates|{{tc(ikev1/host2host-transport,IPv4)}}|{{tc(ipv6/transport-ikev1,IPv6)}} certificates|{{tc_dr(ikev1/host2host-transport,IPv4)}}|{{tc(ipv6/transport-ikev1,IPv6)}} |
h2. Complete List
{{tc(ikev1,All {{tc_dr(ikev1,All IKEv1 test scenarios)}}