Project

General

Profile

IKEv2 Configuration Examples » History » Version 32

Andreas Steffen, 04.12.2018 10:42

1 8 Andreas Steffen
h1. IKEv2 Configuration Examples
2 1 Martin Willi
3 1 Martin Willi
h2. Remote Access
4 1 Martin Willi
5 30 Andreas Steffen
|RSA authentication with X.509 certificates    |{{tc(swanctl/rw-cert,IPv4)}}               |{{tc(ipv6/rw-ikev2,IPv6)}} |{{tc(swanctl/nat-rw,NAT)}} |
6 30 Andreas Steffen
|PSK authentication with pre-shared keys       |{{tc(swanctl/rw-psk-ipv4,IPv4)}}           |{{tc(ipv6/rw-psk-ikev2,IPv6)}}|{{tc(swanctl/nat-rw-psk,NAT)}}|
7 30 Andreas Steffen
|EAP_AKA authentication                        |{{tc(swanctl/rw-eap-aka-rsa,IPv4)}}        | | |
8 30 Andreas Steffen
|EAP_AKA authentication with EAP identity      |{{tc(swanctl/rw-eap-aka-id-rsa,IPv4)}}     | | |
9 30 Andreas Steffen
|EAP_SIM authentication                        |{{tc(swanctl/rw-eap-sim-rsa,IPv4)}}        | |{{tc(swanctl/rw-eap-sim-radius,RADIUS)}} |
10 30 Andreas Steffen
|EAP_SIM authentication with EAP identity      | | |{{tc(swanctl/rw-eap-sim-id-radius,RADIUS)}} |
11 30 Andreas Steffen
|EAP_SIM only authentication                   | | |{{tc(swanctl/rw-eap-sim-only-radius,RADIUS)}} |
12 30 Andreas Steffen
|EAP_MSCHAPv2 authentication with EAP identity |{{tc(swanctl/rw-eap-mschapv2-id-rsa,IPv4)}}| | |
13 30 Andreas Steffen
|EAP_MD5 authentication                        |{{tc(swanctl/rw-eap-md5-rsa,IPv4)}}        | |{{tc(swanctl/rw-eap-md5-radius,RADIUS)}} |
14 30 Andreas Steffen
|EAP_MD5 authentication with EAP identity      | | |{{tc(swanctl/rw-eap-md5-id-radius,RADIUS)}} |
15 30 Andreas Steffen
|EAP_TLS authentication                        |{{tc(swanctl/rw-eap-tls-only,IPv4)}} | |{{tc(swanctl/rw-eap-tls-radius,RADIUS)}} |
16 30 Andreas Steffen
|EAP_TTLS with EAP_MD5 client authentication  |{{tc(swanctl/rw-eap-ttls-only,IPv4)}} | |{{tc(swanctl/rw-eap-ttls-radius,RADIUS)}} |
17 30 Andreas Steffen
|EAP_PEAP with EAP_MD5 client authentication  |{{tc(swanctl/rw-eap-peap-md5,IPv4)}} | |{{tc(swanctl/rw-eap-peap-radius,RADIUS)}} |
18 30 Andreas Steffen
|EAP_PEAP with EAP_MSCHAPv2 client authentication  |{{tc(swanctl/rw-eap-peap-mschapv2,IPv4)}} | ||
19 8 Andreas Steffen
20 8 Andreas Steffen
h2. Remote Access with Virtual IP Adresses
21 16 Andreas Steffen
22 30 Andreas Steffen
| RAM-based server-side virtual IP pool      |{{tc(swanctl/ip-pool,IPv4)}}         |
23 30 Andreas Steffen
| DB-based server-side virtual IP pool       |{{tc(swanctl/ip-pool-db,IPv4)}}      |
24 30 Andreas Steffen
| Static server-side virtual IP addresses    |{{tc(swanctl/config-payload,IPv4)}}  |
25 30 Andreas Steffen
| Two RAM-based server-side virtual IP pools |{{tc(swanctl/ip-two-pools,IPv4)}}    |
26 30 Andreas Steffen
| Two DB-based server-side virtual IP pools  |{{tc(swanctl/ip-two-pools-db,IPv4)}} |
27 16 Andreas Steffen
28 16 Andreas Steffen
h2. Site-to-Site
29 8 Andreas Steffen
30 30 Andreas Steffen
|RSA authentication with X.509 certificates |{{tc(swanctl/net2net-cert,IPv4)}} |{{tc(ipv6/net2net-ikev2,IPv6)}} |
31 30 Andreas Steffen
|PSK authentication with pre-shared keys    |{{tc(swanctl/net2net-psk,IPv4)}} | |
32 8 Andreas Steffen
33 8 Andreas Steffen
h2. Host-to-Host
34 16 Andreas Steffen
35 30 Andreas Steffen
|IPsec tunnel mode with X.509 certificates    |{{tc(swanctl/host2host-cert,IPv4)}}      |{{tc(ipv6/host2host-ikev2,IPv6)}} |
36 30 Andreas Steffen
|IPsec transport mode with X.509 certificates |{{tc(swanctl/host2host-transport,IPv4)}} |{{tc(ipv6/transport-ikev2,IPv6)}} |
37 1 Martin Willi
38 1 Martin Willi
h2. Complete List
39 1 Martin Willi
40 30 Andreas Steffen
{{tc(swanctl,All IKEv2 test scenarios)}}