Differences between current version and predecessor to the previous major change of NetscreenToCiscoVPN.
Other diffs: Previous Revision, Previous Author, or view the Annotated Edit History
| Newer page: | version 4 | Last edited on Monday, June 20, 2005 10:57:45 am | by LindsayDruett | |
| Older page: | version 2 | Last edited on Monday, June 20, 2005 10:28:50 am | by DanielLawson | Revert |
@@ -47,11 +47,14 @@
(mind the line breaks)
<verbatim>
set address "Untrust" "<<Remote IP Range>>/255.255.255.0" <<Remote IP Range>> 255.255.255.0 "Remote Site VPN"
-
set ike gateway "<<remote-hostname>>" address 0.0.0.0 id "<<remote-hostname>>@<<domain name>>" \
- Aggr outgoing-interface "ethernet3" preshare "<<key>>" proposal "pre-g2-3des-md5" \
-
unset ike gateway "<<remote-hostname>>" nat-traversal
+ Aggr outgoing-interface "ethernet3" preshare "<<key>>" proposal "pre-g2-3des-md5"
+unset ike gateway "<<remote-hostname>>" nat-traversal
+set vpn "<<remote-hostname>>" gateway "<<remote-hostname>>" replay tunnel idletime 0 proposal \
+ "g2-esp-3des-md5"
+set policy id 9 name "<<remote-hostname>>" from "Untrust" to "home" "<<Remote IP Range>>/255.255.255." \
+ "<<Local IP Range>>/255.255.255." "ANY" tunnel vpn "<<remote-hostname>>" id 6 pair-policy 8
+set policy id 8 name "<<remote-hostname>>" from "home" to "Untrust" "<<Local IP Range>>/255.255.255." \
+ "<<Remote IP Range>>/255.255.255." "ANY" tunnel vpn "<<remote-hostname>>" id 6 pair-policy 9
</verbatim>
-
-Easier with web access, screen shots coming...
