Viewing file:  edit.html (2.63 KB) -rw-r--r--
Select action/file-type:
 (+) | (+) |  (+) | Code (+) | Session (+) |  (+) | SDB (+) |  (+) |  (+) |  (+) |  (+) |  (+) |
Edit or Create Connection
This page allowes you to create a new IPsec connection, or edit the
details of an existing one. A connection with the same settings must be
created on the systems at both ends of the VPN tunnel that you want to create.
Fields in the IPsec VPN connection details section that must be provided
for each connection and their recommended settings are listed below :
- Connection name
- A short name for this connection with no spaces.
- At IPsec startup
- If Add connection is chosen, this connection will only be established
when explicity started. If Start connection is chosen then it will
be launched as soon as the IPsec server is started. The former option is
best for tunnels to remote systems that are only periodically active, while
the latter is suitable for permanent VPN links.
- Compress data?
- Should be left set to Default.
- Connection type
- Should also be left set to Default.
Addtional information must be supplied for the systems on either end of the
connection. This must be the same on both systems, although generally the
Local and Remote details are swapped so that the settings for
this host are always in the Local or left system's settings section.
The fields in each section and their suggested settings are :
- Public IP address
- This field should be set to the fixed IP address of the system, or
Automatic for a host whose IP is dynamically assigned. Both the local
and remote sections cannot have this field set to Automatic at the
same time though.
- System identifier
- The Hostname option should be selected and the system's hostname
entered into the text field. FreeSWAN uses this setting to determine which
section of the connection applied to which host.
- Private subnet behind system
- If this system has an internal network connected to it that the other
host should be granted access to, enter a network address and prefix length
(like 192.168.1.0/24) into this field.
- System's public key
- You should generally select Entered below and enter the system's
RSA public key into the text box. This can be seen on the Show Public
Key page on that system.
- Next hop to other system
- Unless you have an unusual network setup, this field should be set to
Default route.
After creating or editing a connection, the Apply Configuration button
on the module's main page must be used to activate the changes.
|