UTM/VPN/IPSec-Phase1-2: Unterschied zwischen den Versionen

Version vom 24. November 2022, 13:53 Uhr

IPSec Einstellungen für Phase 1 und 2

Letzte Anpassung zur Version: 12.2.4

notempty

Dieser Artikel bezieht sich auf eine Resellerpreview

12.2.3

Konfiguration der Phase 1 und 2 für IPSec-Verbindungen.
Der Inhalt dieser Seite wird hier angezeigt:

UTM/VPN/IPSec-S2S (Vorlageneinbindung) ‎ (← Links)
UTM/VPN/IPSec-Phase1-2 v12.2.3 ‎ (← Links)
UTM/VPN/IPSec-S2S v12.2.3 ‎ (← Links)
UTM/VPN/IPSec-S2E v12.2.3 ‎ (← Links)
UTM/VPN/IPSec-Phase1-2 v12.2.4 ‎ (← Links)
UTM/VPN/IPSec-Phase1-2 v12.4 ‎ (← Links)
UTM/VPN/IPSec-S2E (Vorlageneinbindung) ‎ (← Links)
UTM/VPN/IPSec-Phase1-2 v12.5 ‎ (← Links)
UTM/VPN/IPSec-S2S v12.5 ‎ (← Links)
UTM/VPN/IPSec-S2E v12.5 ‎ (← Links)
UTM/VPN/IPSec-S2S v12.6.2 (Vorlageneinbindung) ‎ (← Links)

@@ Zeile 4: / Zeile 4: @@
 {{:UTM/VPN/IPSec-Phase1-2.lang}}
-</div>{{Select_lang}}<noinclude>__NOTOC__
+{{#switch: {{{IPSec|}}}
+| IKEv1 RW =
+ {{var	| IKEv1 RW ||}}
+ {{var	| IKEv2 RW |none|none}}
+ {{var	| IKEv1 S2S |none|none}}
+ {{var	| IKEv2 S2S |none|none}}
+ {{var	| IKEv2 |none|none}}
+ {{var	| not IKEv2 RW ||}}
+| IKEv2 RW =
+ {{var	| IKEv1 RW |none|none}}
+ {{var	| IKEv2 RW ||}}
+ {{var	| IKEv1 S2S |none|none}}
+ {{var	| IKEv2 S2S |none|none}}
+ {{var	| IKEv2 ||}}
+ {{var	| not IKEv2 RW |none|none}}
+| IKEv1 S2S =
+ {{var	| IKEv1 RW |none|none}}
+ {{var	| IKEv2 RW |none|none}}
+ {{var	| IKEv1 S2S ||}}
+ {{var	| IKEv2 S2S |none|none}}
+ {{var	| IKEv2 |none|none}}
+ {{var	| not IKEv2 RW ||}}
+| IKEv2 S2S =
+ {{var	| IKEv1 RW |none|none}}
+ {{var	| IKEv2 RW |none|none}}
+ {{var	| IKEv1 S2S |none|none}}
+ {{var	| IKEv2 S2S ||}}
+ {{var	| IKEv2 ||}}
+ {{var	| not IKEv2 RW ||}}
+| #default =
+<!--
+ {{var	| IKEv1 RW ||}}
+ {{var	| IKEv2 RW ||}}
+ {{var	| IKEv1 S2S ||}}
+ {{var	| IKEv2 S2S ||}}
+-->
+ {{var	| IKEv1 RW |none|none}}
+ {{var	| IKEv2 RW ||}}
+ {{var	| IKEv1 S2S |none|none}}
+ {{var	| IKEv2 S2S |none|none}}
+ {{var	| IKEv2 ||}}
+ {{var	| not IKEv2 RW |none|none}}
+}}
+</div>{{Select_lang}}
+<noinclude>{{TOC2}}
+{{Header|12.2.4|
+|[[UTM/VPN/IPSec-Phase1-2_v12.2.3 | 12.2.3]]
+|{{Menu|VPN|IPSec|{{#var:Verbindungen}} }} {{Button|Phase 1|w}} {{Button|Phase 2|w}}
+}}
+{{#var:noinclude}}
+<br clear=all>
+</noinclude>
+<includeonly>
 {| class="sptable2 pd5 Einrücken zh1"
-</noinclude>
 |- class="Leerzeile"
 | colspan="3" |
-==== Phase 1 ====
+===== Phase 1 =====
 |- class="Leerzeile"
 | colspan="3" | <span id="{{#var:Allgemein}}_2"></span>{{Menu|VPN|IPSec|{{#var:Verbindungen}}|Phase 1|w}}{{h6|{{#var:Allgemein}} }}
@@ Zeile 15: / Zeile 67: @@
 |-
 ! {{#var:cap}} !! {{#var:val}} !! {{#var:desc}}
-| class="Bild" rowspan="10" | {{Bild |  {{#var:Phase1 Allgemein--Bild}}|{{#var:Phase1 Allgemein--cap}} }}
+| style=display:{{#var:IKEv1 RW}} class="Bild" rowspan="10"| {{Bild |  {{#var:Phase1 Allgemein IKEv1 RW--Bild}}|{{#var:Phase1 Allgemein--cap}} }}
+| style=display:{{#var:IKEv2 RW}} class="Bild" rowspan="10"| {{Bild |  {{#var:Phase1 Allgemein--Bild}}|{{#var:Phase1 Allgemein--cap}} }}
+| style=display:{{#var:IKEv1 S2S}} class="Bild" rowspan="10"| {{Bild |  {{#var:Phase1 Allgemein IKEv1 S2S--Bild}}|{{#var:Phase1 Allgemein--cap}} }}
+| style=display:{{#var:IKEv2 S2S}} class="Bild" rowspan="10"| {{Bild |  {{#var:Phase1 Allgemein IKEv2 S2S--Bild}}|{{#var:Phase1 Allgemein--cap}} }}
 |-
 | {{b|{{#var:Beliebige Remote-Adressen}} }} || {{ButtonAn|{{#var:ein}} }}<br><small>'''Default'''</small> || {{#var:Beliebige Remote-Adressen--desc}}
@@ Zeile 29: / Zeile 84: @@
 | <span id="DPD"></span>{{b|{{#var:Dead Peer Detection}} }} || {{ButtonAn|{{#var:ein}} }} || {{#var:Dead Peer Detection--desc}}<li class="list--element__alert list--element__hint">{{#var:Dead Peer Detection--Hinweis}}</li>
 |-
-| {{b|{{#var:DPD Timeout}} }} <br><small>'''{{#var:Nur bei IKEv}}1'''</small><br>{{Hinweis-neu|{{#var:Neu ab}} 12.2.3|12.2.3|status=update}}||  {{ic|30|c|class=mw7}} {{#var:Sekunden}} || {{#var:DPD Timeout--desc}}<li class="list--element__alert list--element__hint">{{#var:Timeout--Hinweis}}</li>
+| {{b|{{#var:DPD Timeout}} }} ||  {{ic|30|c|class=mw7}} {{#var:Sekunden}} || {{#var:DPD Timeout--desc}}<li class="list--element__alert list--element__hint">{{#var:Timeout--Hinweis}}</li>
 |-
-| {{b|{{#var:DPD Intervall}} }} <br>{{Hinweis-neu|{{#var:Neu ab}} 12.2.3|12.2.3|status=update}}|| {{ic|10|c|class=mw7}} {{#var:Sekunden}} || {{#var:DPD Intervall--desc}}
+| {{b|{{#var:DPD Intervall}} }} || {{ic|10|c|class=mw7}} {{#var:Sekunden}} || {{#var:DPD Intervall--desc}}
 |-
 | {{b|{{#var:Compression}} }} || {{ButtonAus|{{#var:aus}} }} || {{#var:Compression--desc}}
+|- style=display:{{#var:IKEv2}}
+| {{b|{{#var:MOBIKE}} }}<br>{{Hinweis-neu|{{#var:Neu ab}} 12.2.4|12.2.4|status=update}} || {{ButtonAn|{{#var:ja}}}}<br><small>'''Default'''</small> || {{#var:MOBIKE--desc}}
 |- class="Leerzeile"
 |
@@ Zeile 66: / Zeile 123: @@
 |- class="Leerzeile"
 |  colspan="2" | <br>
-==== Phase 2 ====
+===== Phase 2 =====
 |- class="Leerzeile"
@@ Zeile 73: / Zeile 130: @@
 |-
 ! {{#var:Beschriftung}} !! {{#var:default-utm|Default-Werte UTM}} !! {{#var:default-ncp|Default-Werte NCP-Client}}
-| class="Bild width75" rowspan="12" | {{Bild |  {{#var:Phase2 bearbeiten--Bild}}|{{#var:Phase2 bearbeiten--cap}} }}
+| style=display:{{#var:IKEv1 RW}} class="Bild" rowspan="12" | {{Bild |  {{#var: Phase2 bearbeiten IKEv1 RW--Bild}}|{{#var:Phase2 bearbeiten--cap}} }}
+| style=display:{{#var:IKEv2 RW}} class="Bild" rowspan="12" | {{Bild |  {{#var: Phase2 bearbeiten IKEv2 RW--Bild}}|{{#var:Phase2 bearbeiten--cap}} }}
+| style=display:{{#var:IKEv1 S2S}} class="Bild" rowspan="12" | {{Bild |  {{#var: Phase2 bearbeiten IKEv1 S2S--Bild}}|{{#var:Phase2 bearbeiten--cap}} }}
+| style=display:{{#var:IKEv2 S2S}} class="Bild" rowspan="12" | {{Bild |  {{#var: Phase2 bearbeiten IKEv2 S2S--Bild}}|{{#var:Phase2 bearbeiten--cap}} }}
 |-
 | {{b| {{#var:Verschlüsselung}} }} || {{Button| aes128 |dr|class=mw7}} || AES 128 Bit
 |-
-| {{b|  {{#var:Authentifizierung}}  }} || {{Button| sha2_256 |dr|class=mw7}} || SHA2 256 Bit
+| {{b| {{#var:Authentifizierung}}  }} || {{Button| sha2_256 |dr|class=mw7}} || SHA2 256 Bit
 |-
 | {{b|  DH-Gruppe (PFS):  }} || {{Button| modp2048 |dr|class=mw7}} || keine
@@ Zeile 83: / Zeile 143: @@
 | {{b| {{#var: Schlüssel-Lebensdauer| Schlüssel-Lebensdauer: }} }} || {{Button| 8 {{#var: Stunden}} |dr|class=mw7}} || {{#var:Schlüssel-Lebensdauer--desc}}
 |-
-| {{b| {{#var: Austausch-Modus| Austausch-Modus }} }} || Main Mode ({{#var: nonkonfig| nicht konfigurierbar }}) || Aggressive Mode (IKEv1)<li class="list--element__alert list--element__warning">{{#var:Aggressive Mode--Hinweis}}</li>
+| {{#var: Austausch-Modus| Austausch-Modus }} || Main Mode ({{#var: nonkonfig| nicht konfigurierbar }}) || Aggressive Mode (IKEv1)<li class="list--element__alert list--element__warning">{{#var:Aggressive Mode--Hinweis}}</li>
 |- class="Leerzeile"
 |
@@ Zeile 92: / Zeile 152: @@
 |-
 | {{b| {{#var: Neustart}}}} || {{ButtonAus|{{#var:nein}} }} || {{#var:Neustart--desc}}<li class="list--element__alert list--element__hint">{{#var:Neustart--Hinweis}}</li>
+|- style=display:{{#var:IKEv2}}
+| {{b|{{#var: Subnetzkombinationen gruppieren}} }}
+| {{ButtonAn|{{#var:ja}} }}<p><li class="list--element__alert list--element__warning">{{#var:Gegenstelle unterstützt keine Subnetzkombinationen--Hinweis}}</li></p>  || {{#var:Subnetzkombinationen gruppieren--desc}}
+|-
+| {{b|{{#var:DHCP}} }} {{Hinweis-neu|{{#var:Neu ab}} 12.2.4|12.2.4|status=new}} || {{ButtonAus|{{#var:Aus}} }} || {{#var:DHCP--desc}}<li class="list--element__alert list--element__hint">{{#var:DHCP--Hinweis}}</li>
+|- class="Leerzeile"
+|
+|}
+<div style=display:{{#var:IKEv2 RW}}>
+{| class="sptable2 pd5 zh1 einrücken"
+|- class="Leerzeile"
+| colspan="3"| {{h6|{{#var:Adress-Pool Reiter}} }}<br>{{#var:Reiter}} {{Reiter|{{#var:Adress-Pool Reiter}}}}
 |-
-| {{b|{{#var: Subnetzkombinationen gruppieren}} }} <br><small>'''{{#var:Nur bei IKEv}}2'''</small>
+! {{#var:cap}} !! {{#var:val}} !! {{#var:desc}} || class="Bild" rowspan="3" | {{Bild| {{#var:Adress-Pool--Bild}}|{{#var:Adress-Pool--cap}} }}
-| {{ButtonAn|{{#var:ja}} }}<p><li class="list--element__alert list--element__warning">{{#var:Gegenstelle unterstützt keine Subnetzkombinationen--Hinweis}}</li></p>  || {{#var:Subnetzkombinationen gruppieren--desc}}
+|-
+| {{b|{{#var:Lokales Netzwerk}} }} || {{ic|{{#var:Lokales Netzwerk--val}}|class=available}} || {{#var:Lokales Netzwerk--desc}}
+|-
+| {{b|{{#var:Adress-Pool}} }}<br><small class=bold>{{#var:Adress-Pool--Hinweis}}</small> || {{ic|{{#var:Adress-Pool--val}}|class=available}} || {{#var:Adress-Pool--desc}}
+|-
+|}
+</div>
+<div style=display:{{#var:not IKEv2 RW}}>
+{| class="sptable2 pd5 zh1 einrücken"
 |- class="Leerzeile"
-| colspan="3" | {{h6|{{#var:Subnetze}} }}<br>{{#var:Reiter}} {{Reiter|{{#var:Subnetze}}}} <small>'''{{#var:Nur bei IKEv}}2'''</small>
+| colspan="3" | {{h6|{{#var:Subnetze}} }}<br>{{#var:Reiter}} {{Reiter|{{#var:Subnetze}} }}
 |- class="Leerzeile"
 | rowspan="2" | || colspan="2" | {{#var:Szenario}} '''{{#var:Subnetze alle}}'''
@@ Zeile 187: / Zeile 268: @@
 |
 |- class="Leerzeile"
-| colspan="3" |
+|
-==== {{#var:Troubleshooting}} ====
+|}
+</div>
+----
+<div class="einrücken">
+===== {{#var:Troubleshooting}} =====
+<div class="einrücken">
 {{#var:Troubleshooting--desc}}
 {{#var:Gateway-ID--Hinweis}}
+</div>
+</div>
-<noinclude>|}</noinclude>
+</includeonly>