R U/L/H Series
User Guide, Rev. 00 (May 2015)
29
In the second phase of proposal please specify the protocol (ESP is authentication with encryption,
AH is authentication only), encryption algorithm, hash algorithm and PFS key group. Please note
that you can choose multiple algorithms, but at least one should match on both sides of the
connection. The last setting is phase 2 lifetime (leave field empty for using default value).
After configuring all settings remember to save configuration. The configuration of IPsec
connection is finished unless you chose to authenticate with RSA certificates and CA certificate. In
that case click on Keys and Certificates tab. Here you can add multiple Pre-shared keys and CA
certificates. Adding both is similar, so we will explain only adding CA certificates. To add new one,
please click on Add new button. Specify Identifier (which is used only for distinguish them in www
configuration), paste CA certificate and certificate revoke list. Last field is optional and lets you
ban users that shouldn't be allowed to join your network anymore.
IMPORTANT:
After filling in fields click Save button and then save whole configuration by clicking
Save settings. If you want to delete certificate, choose it from the list, click Delete button and then
save whole configuration.