IKEv2 Legacy Configuration Examples » History » Version 9
Andreas Steffen, 21.05.2021 13:05
| 1 | 3 | Andreas Steffen | h1. IKEv2 Legacy Configuration Examples |
|---|---|---|---|
| 2 | 1 | Andreas Steffen | |
| 3 | 4 | Andreas Steffen | These example scenarios use the deprecated stroke management interface. |
| 4 | 4 | Andreas Steffen | |
| 5 | 1 | Andreas Steffen | h2. Remote Access |
| 6 | 1 | Andreas Steffen | |
| 7 | 9 | Andreas Steffen | |RSA authentication with X.509 certificates |{{tc_dr(ikev2-stroke/rw-cert,IPv4)}} |{{tc(ipv6-stroke/rw-ikev2,IPv6)}} |{{tc_dr(ikev2/nat-rw,NAT)}} | |
| 8 | 9 | Andreas Steffen | |PSK authentication with pre-shared keys (IP) |{{tc_dr(ikev2-stroke/rw-psk-ipv4,IPv4)}} |{{tc(ipv6-stroke/rw-psk-ikev2,IPv6)}}|{{tc_dr(ikev2/nat-rw-psk,NAT)}}| |
| 9 | 9 | Andreas Steffen | |PSK authentication with pre-shared keys (FQDN) |{{tc_dr(ikev2-stroke/rw-psk-fqdn,IPv4)}} | | | |
| 10 | 9 | Andreas Steffen | |EAP_AKA authentication |{{tc_dr(ikev2-stroke/rw-eap-aka-rsa,IPv4)}} | | | |
| 11 | 9 | Andreas Steffen | |EAP_AKA authentication with EAP identity |{{tc_dr(ikev2-stroke/rw-eap-aka-id-rsa,IPv4)}} | | | |
| 12 | 9 | Andreas Steffen | |EAP_SIM authentication |{{tc_dr(ikev2-stroke/rw-eap-sim-rsa,IPv4)}} | |{{tc_dr(ikev2-stroke/rw-eap-sim-radius,RADIUS)}} | |
| 13 | 9 | Andreas Steffen | |EAP_SIM authentication with EAP identity | | |{{tc_dr(ikev2-stroke/rw-eap-sim-id-radius,RADIUS)}} | |
| 14 | 9 | Andreas Steffen | |EAP_SIM only authentication | | |{{tc_dr(ikev2-stroke/rw-eap-sim-only-radius,RADIUS)}} | |
| 15 | 9 | Andreas Steffen | |EAP_MSCHAPv2 authentication with EAP identity |{{tc_dr(ikev2-stroke/rw-eap-mschapv2-id-rsa,IPv4)}}| | | |
| 16 | 9 | Andreas Steffen | |EAP_MD5 authentication |{{tc_dr(ikev2-stroke/rw-eap-md5-rsa,IPv4)}} | |{{tc_dr(ikev2-stroke/rw-eap-md5-radius,RADIUS)}} | |
| 17 | 9 | Andreas Steffen | |EAP_MD5 authentication with EAP identity | | |{{tc_dr(ikev2-stroke/rw-eap-md5-id-radius,RADIUS)}} | |
| 18 | 9 | Andreas Steffen | |EAP_TLS authentication |{{tc_dr(ikev2-stroke/rw-eap-tls-only,IPv4)}} | |{{tc_dr(ikev2-stroke/rw-eap-tls-radius,RADIUS)}} | |
| 19 | 9 | Andreas Steffen | |EAP_TTLS with EAP_MD5 client authentication |{{tc_dr(ikev2-stroke/rw-eap-ttls-only,IPv4)}} | |{{tc_dr(ikev2-stroke/rw-eap-ttls-radius,RADIUS)}} | |
| 20 | 9 | Andreas Steffen | |EAP_PEAP with EAP_MD5 client authentication |{{tc_dr(ikev2-stroke/rw-eap-peap-md5,IPv4)}} | |{{tc_dr(ikev2-stroke/rw-eap-peap-radius,RADIUS)}} | |
| 21 | 9 | Andreas Steffen | |EAP_PEAP with EAP_MSCHAPv2 client authentication|{{tc_dr(ikev2-stroke/rw-eap-peap-mschapv2,IPv4)}} | || |
| 22 | 1 | Andreas Steffen | |
| 23 | 1 | Andreas Steffen | h2. Remote Access with Virtual IP Adresses |
| 24 | 1 | Andreas Steffen | |
| 25 | 9 | Andreas Steffen | | RAM-based server-side virtual IP pool |{{tc_dr(ikev2-stroke/ip-pool,IPv4)}} | |
| 26 | 9 | Andreas Steffen | | DB-based server-side virtual IP pool |{{tc_dr(ikev2-stroke/ip-pool-db,IPv4)}} | |
| 27 | 9 | Andreas Steffen | | Static server-side virtual IP addresses |{{tc_dr(ikev2-stroke/config-payload,IPv4)}} | |
| 28 | 9 | Andreas Steffen | | Static client-side virtual IP addresses |{{tc_dr(ikev2-stroke/virtual-ip,IPv4)}} | |
| 29 | 9 | Andreas Steffen | | Two RAM-based server-side virtual IP pools |{{tc_dr(ikev2-stroke/ip-two-pools,IPv4)}} | |
| 30 | 9 | Andreas Steffen | | Two DB-based server-side virtual IP pools |{{tc_dr(ikev2-stroke/ip-two-pools-db,IPv4)}} | |
| 31 | 1 | Andreas Steffen | |
| 32 | 1 | Andreas Steffen | h2. Site-to-Site |
| 33 | 1 | Andreas Steffen | |
| 34 | 9 | Andreas Steffen | |RSA authentication with X.509 certificates |{{tc_dr(ikev2-stroke/net2net-cert,IPv4)}} |{{tc(ipv6-stroke/net2net-ikev2,IPv6)}} | |
| 35 | 9 | Andreas Steffen | |PSK authentication with pre-shared keys |{{tc_dr(ikev2-stroke/net2net-psk,IPv4)}} | | |
| 36 | 9 | Andreas Steffen | |Connection setup automatically started by daemon |{{tc_dr(ikev2-stroke/net2net-start,IPv4)}} | | |
| 37 | 9 | Andreas Steffen | |Connection setup triggered by data to be tunneled|{{tc_dr(ikev2-stroke/net2net-route,IPv4)}} | | |
| 38 | 1 | Andreas Steffen | |
| 39 | 1 | Andreas Steffen | h2. Host-to-Host |
| 40 | 1 | Andreas Steffen | |
| 41 | 9 | Andreas Steffen | |IPsec tunnel mode with X.509 certificates |{{tc_dr(ikev2-stroke/host2host-cert,IPv4)}} |{{tc(ipv6-stroke/host2host-ikev2,IPv6)}} | |
| 42 | 9 | Andreas Steffen | |IPsec transport mode with X.509 certificates |{{tc_dr(ikev2-stroke/host2host-transport,IPv4)}} |{{tc(ipv6-stroke/transport-ikev2,IPv6)}} | |
| 43 | 1 | Andreas Steffen | |
| 44 | 8 | Andreas Steffen | h2. IP Protocol and Port Policies |
| 45 | 8 | Andreas Steffen | |
| 46 | 9 | Andreas Steffen | |IPsec tunnel restricted to ICMP and ssh protocols |{{tc_dr(ikev2-stroke/protoport-dual,IPv4)}} | |
| 47 | 8 | Andreas Steffen | |
| 48 | 8 | Andreas Steffen | |
| 49 | 1 | Andreas Steffen | h2. Complete List |
| 50 | 1 | Andreas Steffen | |
| 51 | 9 | Andreas Steffen | {{tc_dr(ikev2-stroke,All IKEv2 legacy test scenarios)}} |