Keine Bearbeitungszusammenfassung |
KKeine Bearbeitungszusammenfassung |
||
| Zeile 63: | Zeile 63: | ||
</div>{{Select_lang}} | </div>{{Select_lang}} | ||
<noinclude>{{TOC2}} | <noinclude><!-- | ||
{{Header|12.4| | {{TOC2}} | ||
{{Header|12.5| | |||
|[[UTM/VPN/IPSec-Phase1-2_v12.4|12.4]] | |||
[[UTM/VPN/IPSec-Phase1-2_v12.2.4 | 12.2.4]] | |||
[[UTM/VPN/IPSec-Phase1-2_v12.2.3 | 12.2.3]] | [[UTM/VPN/IPSec-Phase1-2_v12.2.3 | 12.2.3]] | ||
|{{Menu|VPN|IPSec|{{#var:Verbindungen}} }} {{Button|Phase 1|w}} {{Button|Phase 2|w}} | |{{Menu|VPN|IPSec|{{#var:Verbindungen}} }} {{Button|Phase 1|w}} {{Button|Phase 2|w}} | ||
}} | }} | ||
--> | |||
{{#var:noinclude}} | {{#var:noinclude}} | ||
<br clear=all> | <br clear=all> | ||
| Zeile 89: | Zeile 92: | ||
| {{b|{{#var:Beliebige Remote-Adressen}} }} || {{ButtonAn|{{#var:ein}} }}<br><small>'''Default'''</small> || {{#var:Beliebige Remote-Adressen--desc}} | | {{b|{{#var:Beliebige Remote-Adressen}} }} || {{ButtonAn|{{#var:ein}} }}<br><small>'''Default'''</small> || {{#var:Beliebige Remote-Adressen--desc}} | ||
|- | |- | ||
| rowspan="4" | {{b|{{#var:Startverhalten}} }} {{Hinweis- | | rowspan="4" | {{b|{{#var:Startverhalten}} }} {{Hinweis-box||gr|12.4|status=update}} || {{Button|Outgoing|dr|class=mw7}} || {{#var:Outgoing--desc}} | ||
|- | |- | ||
| {{Button|Incoming|dr|class=mw7}} <small>{{#var:Default wenn Remote Host any}}</small>|| {{#var:incoming--desc}} | | {{Button|Incoming|dr|class=mw7}} <small>{{#var:Default wenn Remote Host any}}</small>|| {{#var:incoming--desc}} | ||
|- style=display:{{#var:E2S}} | |- style=display:{{#var:E2S}} | ||
| {{Button|Route|dr|class=mw7}} <small>{{#var: Default wenn Remote Host benannnt}}</small> || {{#var:Route--desc}}{{Hinweis- | | {{Button|Route|dr|class=mw7}} <small>{{#var: Default wenn Remote Host benannnt}}</small> || {{#var:Route--desc}}{{Hinweis-box| {{#var:Route--Hinweis}}|g|fs__icon=em2}} | ||
|- style=display:{{#var:S2S}} | |- style=display:{{#var:S2S}} | ||
| {{Button|Route|dr|class=mw7}} <small>{{#var: Default wenn Remote Host benannnt}}</small> || {{#var:Route--desc}}{{Hinweis- | | {{Button|Route|dr|class=mw7}} <small>{{#var: Default wenn Remote Host benannnt}}</small> || {{#var:Route--desc}}{{Hinweis-box| {{#var:Route--Hinweis}}|g|fs__icon=em2}} | ||
|- | |- | ||
| {{Button|Ignore|dr|class=mw7}} || {{#var:Ignore--desc}} | | {{Button|Ignore|dr|class=mw7}} || {{#var:Ignore--desc}} | ||
|- style=display:{{#var:S2S}} | |- style=display:{{#var:S2S}} | ||
| {{b|{{#var:Verkehr generieren}} }} {{Hinweis- | | {{b|{{#var:Verkehr generieren}} }} {{Hinweis-box|{{#var:neu ab}} v12.4|gr|12.4|status=neu}}<br><small>'''{{#var:Verkehr generieren--Route}}'''</small> || {{ButtonAn|{{#var:ein}} }} || {{#var:Verkehr generieren--desc}} | ||
|- | |- | ||
| <span id="DPD"></span>{{b|{{#var:Dead Peer Detection}} }} || {{ButtonAn|{{#var:ein}} }} || {{#var:Dead Peer Detection--desc}}<li class="list--element__alert list--element__hint">{{#var:Dead Peer Detection--Hinweis}}</li> | | <span id="DPD"></span>{{b|{{#var:Dead Peer Detection}} }} || {{ButtonAn|{{#var:ein}} }} || {{#var:Dead Peer Detection--desc}}<li class="list--element__alert list--element__hint">{{#var:Dead Peer Detection--Hinweis}}</li> | ||
| Zeile 108: | Zeile 111: | ||
|- | |- | ||
| {{b|{{#var:Compression}} }} || {{ButtonAus|{{#var:aus}} }} || {{#var:Compression--desc}} | | {{b|{{#var:Compression}} }} || {{ButtonAus|{{#var:aus}} }} || {{#var:Compression--desc}} | ||
|- | |- class={{#var:IKEv1}} | ||
| {{b|{{#var:MOBIKE}} | | {{b|{{#var:MOBIKE}} }} || {{ButtonAn|{{#var:ja}}}}<br><small>'''Default'''</small> || {{#var:MOBIKE--desc}} | ||
|- class="Leerzeile" | |- class="Leerzeile" | ||
| | | | ||
| Zeile 116: | Zeile 119: | ||
|- | |- | ||
! {{#var:Beschriftung}} !! {{#var:default-utm|Default-Werte UTM}} !! {{#var:default-ncp|Default-Werte NCP-Client}} | ! {{#var:Beschriftung}} !! {{#var:default-utm|Default-Werte UTM}} !! {{#var:default-ncp|Default-Werte NCP-Client}} | ||
| | | class="Bild {{#var:IKEv1}}" rowspan="12" | {{Bild | {{#var:Phase1 IKE1--Bild}}|{{#var:Phase1 IKE--cap}}1 }} | ||
| | | class="Bild {{#var:IKEv2}}" rowspan="12" | {{Bild | {{#var:Phase1 IKE2--Bild}}|{{#var:Phase1 IKE--cap}}2 }} | ||
|- | |- | ||
| {{b| {{#var: Verschlüsselung| Verschlüsselung: }} }} || {{Button| aes128 |dr|class=mw7}} || AES 128 Bit | | {{b| {{#var: Verschlüsselung| Verschlüsselung: }} }} || {{Button| aes128 |dr|class=mw7}} || AES 128 Bit | ||
|- | |- | ||
| {{b| {{#var: Authentifizierung| Authentifizierung: }} }} || {{Button| sha2_256 |dr|class=mw7}} || Hash: SHA2 256 Bit | | {{b| {{#var: Authentifizierung| Authentifizierung: }} }} || {{Button| sha2_256 |dr|class=mw7}} || Hash: SHA2 256 Bit | ||
| Zeile 125: | Zeile 128: | ||
| rowspan="2" | {{b| Diffie-Hellman Group: }} || {{Button| modp2048 |dr|class=mw7}} || IKE DH-Grupe: DH2 (modp1024) | | rowspan="2" | {{b| Diffie-Hellman Group: }} || {{Button| modp2048 |dr|class=mw7}} || IKE DH-Grupe: DH2 (modp1024) | ||
|- | |- | ||
| colspan="2" | <li class="list--element__alert list--element__positiv">{{#var:DH--Empfehlung}} | | colspan="2" | <li class="list--element__alert list--element__positiv">{{#var:DH--Empfehlung}}</li> | ||
|- class="Leerzeile" | |- class="Leerzeile" | ||
| | | | ||
| Zeile 132: | Zeile 135: | ||
|- | |- | ||
! {{#var:cap}} !! {{#var:val}} !! {{#var:desc}} | ! {{#var:cap}} !! {{#var:val}} !! {{#var:desc}} | ||
|- | |||
| {{b|{{#var:Schwache Algorithmen anzeigen}} }} {{Hinweis-box|{{#var:neu ab}} v12.5|gr|12.5|status=neu}} || {{ButtonAus|{{#var:aus}} }} || {{#var:Schwache Algorithmen anzeigen--desc}} | |||
|- | |- | ||
| rowspan="2" | {{b| Strict: }} || {{ButtonAus|{{#var:aus}} }} || {{#var:Strict-aus--desc}} | | rowspan="2" | {{b| Strict: }} || {{ButtonAus|{{#var:aus}} }} || {{#var:Strict-aus--desc}} | ||
|- | |- | ||
| {{ButtonAn|{{#var:ein}} }} || {{#var:Strict-ein--desc}} | | {{ButtonAn|{{#var:ein}} }} || {{#var:Strict-ein--desc}} | ||
|- | |- class={{#var:IKEv2}} | ||
| <span id=IKEv2Lifetime></span>{{b|{{#var:IKE Lifetime}} }} | | <span id=IKEv2Lifetime></span>{{b|{{#var:IKE Lifetime}} }} {{Hinweis-box|{{#var:Änderung ab v12.5}}|r|12.5|status=update|class=mw11}} || {{ButtonAus|{{#var:Aus}} }} {{ic|3|c|class=mw7}} {{#var:Stunden}} || {{#var:IKE Lifetime--desc}}<br>{{#var:IKE Lifetime--info}} | ||
|- | |- class={{#var:IKEv1}} | ||
| {{b|{{#var:IKE Lifetime}} }} || {{Button|1 {{#var:Stunde}} |dr|class=mw7}} || {{#var:IKE Lifetime--desc}} | | {{b|{{#var:IKE Lifetime}} }} || {{Button|1 {{#var:Stunde}} |dr|class=mw7}} || {{#var:IKE Lifetime--desc}} | ||
|- | |- class={{#var:IKEv2}} | ||
| <span id=IKEv2Rekeytime></span>{{b|{{#var:IKE Rekeytime}} }} {{Hinweis- | | rowspan="2" | <span id=IKEv2Rekeytime></span>{{b|{{#var:IKE Rekeytime}} }} {{Hinweis-box|{{#var:neu ab}}: v12.4|gr|12.4|status=neu|class=mw11}}{{Hinweis-box|{{#var:Änderung ab v12.5}}|r|12.5|status=update|class=mw11}} || {{ic|2|c|class=mw7}} {{#var:Stunden}} || {{#var:IKE Rekeytime--desc}} | ||
|- class={{#var:IKEv2}} | |||
| colspan="2" | {{Hinweis-box| {{#var: Rekeying Default Änderung}} {{info|{{#var:Rekeying Default Änderung--info}} <br><br>{{#var:Beispiel}}<br>{{#var:Aktive Version}}<br>ike_lifetime = 2<br>ike_rekeytime = 0<br><br>{{#var:Nach Update}}<br>ike_lifetime = 0<br>ike_rekeytime = 2<br><br>----<br><br>{{#var:Aktive Version}}<br>ike_lifetime = 2<br>ike_rekeytime = 1<br><br>{{#var:Nach Update}} {{#var:ohne Änderung}}<br>ike_lifetime =2<br>ike_rekeytime = 1}} }} | |||
|- | |- | ||
| {{b|{{#var:Rekeying}}}} || {{Button| {{#var:Rekeying--val}}|dr|class=mw13}} || {{#var:Rekeying--desc}} {{info|{{#var:Rekeying--info}} }} | | {{b|{{#var:Rekeying}}}} || {{Button| {{#var:Rekeying--val}}|dr|class=mw13}} || {{#var:Rekeying--desc}} {{info|1={{#var:Rekeying--info}} }} | ||
|- | |- | ||
|- class="Leerzeile" | |- class="Leerzeile" | ||
| Zeile 156: | Zeile 163: | ||
|- | |- | ||
! {{#var:Beschriftung}} !! {{#var:default-utm|Default-Werte UTM}} !! {{#var:default-ncp|Default-Werte NCP-Client}} | ! {{#var:Beschriftung}} !! {{#var:default-utm|Default-Werte UTM}} !! {{#var:default-ncp|Default-Werte NCP-Client}} | ||
| | | class="Bild {{#var:IKEv1 RW}}" rowspan="12" | {{Bild | {{#var: Phase2 bearbeiten IKEv1 RW--Bild}} |{{#var:Phase2 bearbeiten--cap}} / IKEv1 / Roadwarrior }} | ||
| | | class="Bild {{#var:IKEv2 RW}}" rowspan="12" | {{Bild | {{#var: Phase2 bearbeiten IKEv2 RW--Bild}} |{{#var:Phase2 bearbeiten--cap}} / IKEv2 / Roadwarrior}} | ||
| | | class="Bild {{#var:IKEv1 S2S}}" rowspan="12" | {{Bild | {{#var: Phase2 bearbeiten IKEv1 S2S--Bild}}|{{#var:Phase2 bearbeiten--cap}} / IKEv1 / S2S }} | ||
| | | class="Bild {{#var:IKEv2 S2S}}" rowspan="12" | {{Bild | {{#var: Phase2 bearbeiten IKEv2 S2S--Bild}}|{{#var:Phase2 bearbeiten--cap}} / IKEv2 / S2S }} | ||
|- | |- | ||
| {{b| {{#var:Verschlüsselung}} }} || {{Button| aes128 |dr|class=mw7}} || AES 128 Bit | | {{b| {{#var:Verschlüsselung}} }} || {{Button| aes128 |dr|class=mw7}} || AES 128 Bit | ||
| Zeile 165: | Zeile 172: | ||
| {{b| {{#var:Authentifizierung}} }} || {{Button| sha2_256 |dr|class=mw7}} || SHA2 256 Bit | | {{b| {{#var:Authentifizierung}} }} || {{Button| sha2_256 |dr|class=mw7}} || SHA2 256 Bit | ||
|- | |- | ||
| {{b| {{#var:Diffie-Hellman Group}} }} || {{Button| modp2048 |dr|class=mw7}} || <li class="list--element__alert list--element__positiv">{{#var:DH--Empfehlung}}</li> | |||
|- | |- | ||
| {{b| {{#var: Schlüssel-Lebensdauer| Schlüssel-Lebensdauer: }} }} || {{Button| 8 {{#var: Stunden}} |dr|class=mw7}} || {{#var:Schlüssel-Lebensdauer--desc}} | | {{b| {{#var: Schlüssel-Lebensdauer| Schlüssel-Lebensdauer: }} }} || {{Button| 8 {{#var: Stunden}} |dr|class=mw7}} || {{#var:Schlüssel-Lebensdauer--desc}} | ||
| Zeile 176: | Zeile 181: | ||
|- class="Leerzeile" | |- class="Leerzeile" | ||
| colspan="3" | <p>{{#var:Reiter}} {{Reiter|{{#var:Allgemein}}}}: {{#var:Weitere Einstellungen}}</p> | | colspan="3" | <p>{{#var:Reiter}} {{Reiter|{{#var:Allgemein}}}}: {{#var:Weitere Einstellungen}}</p> | ||
|- | |||
| {{b|{{#var:Schwache Algorithmen anzeigen}} }} {{Hinweis-box|{{#var:neu ab}} v12.5|gr|12.5|status=neu}} || {{ButtonAus|{{#var:aus}} }} || {{#var:Schwache Algorithmen anzeigen--desc}} | |||
|- | |- | ||
| {{b| {{#var: Neustart}}}} || {{ButtonAus|{{#var:nein}} }} || {{#var:Neustart--desc}}<li class="list--element__alert list--element__hint">{{#var:Neustart--Hinweis}}</li> | | {{b| {{#var: Neustart}}}} || {{ButtonAus|{{#var:nein}} }} || {{#var:Neustart--desc}}<li class="list--element__alert list--element__hint">{{#var:Neustart--Hinweis}}</li> | ||
| Zeile 182: | Zeile 189: | ||
| {{ButtonAn|{{#var:ja}} }}<p><li class="list--element__alert list--element__warning">{{#var:Gegenstelle unterstützt keine Subnetzkombinationen--Hinweis}}</li></p> || {{#var:Subnetzkombinationen gruppieren--desc}} | | {{ButtonAn|{{#var:ja}} }}<p><li class="list--element__alert list--element__warning">{{#var:Gegenstelle unterstützt keine Subnetzkombinationen--Hinweis}}</li></p> || {{#var:Subnetzkombinationen gruppieren--desc}} | ||
|- | |- | ||
| {{b|{{#var:DHCP}} | | {{b|{{#var:DHCP}} }} || {{ButtonAus|{{#var:Aus}} }} || {{#var:DHCP--desc}}<li class="list--element__alert list--element__hint">{{#var:DHCP--Hinweis}}</li> | ||
|- class="Leerzeile" | |- class="Leerzeile" | ||
| | | | ||
| Zeile 252: | Zeile 259: | ||
|- class="Leerzeile" | |- class="Leerzeile" | ||
| || colspan="2" | {{#var:Szenario}} '''{{#var:Subnetz teilweise}}''' | | || colspan="2" | {{#var:Szenario}} '''{{#var:Subnetz teilweise}}''' | ||
<p>{{#var:Subnetz teilweise--desc}}</p>{{Hinweis- | <p>{{#var:Subnetz teilweise--desc}}</p>{{Hinweis-box| {{#var:IKE-Multichannel--Netzwerkhinweis}} }} | ||
{{Hinweis- | {{Hinweis-box| {{#var:IKE-Multichannel--Portfilter--Hinweis}} | gr}} | ||
{{Einblenden|{{#var:Beispiel mit root-Login}}|{{#var:hide}}|dezent}} | {{Einblenden|{{#var:Beispiel mit root-Login}}|{{#var:hide}}|dezent}} | ||
{{#var:Beispiel mit root-Login--desc}}<br> | {{#var:Beispiel mit root-Login--desc}}<br> | ||
Version vom 10. August 2023, 13:30 Uhr
Konfiguration der Phase 1 und 2 für IPSec-Verbindungen.
Der Inhalt dieser Seite wird hier angezeigt:
- UTM/VPN/IPSec-S2S (Vorlageneinbindung) (← Links)
- UTM/VPN/IPSec-Phase1-2 v12.2.3 (← Links)
- UTM/VPN/IPSec-S2S v12.2.3 (← Links)
- UTM/VPN/IPSec-S2E v12.2.3 (← Links)
- UTM/VPN/IPSec-Phase1-2 v12.2.4 (← Links)
- UTM/VPN/IPSec-Phase1-2 v12.4 (← Links)
- UTM/VPN/IPSec-S2E (Vorlageneinbindung) (← Links)
- UTM/VPN/IPSec-Phase1-2 v12.5 (← Links)
- UTM/VPN/IPSec-S2S v12.5 (← Links)
- UTM/VPN/IPSec-S2E v12.5 (← Links)
- UTM/VPN/IPSec-S2S v12.6.2 (Vorlageneinbindung) (← Links)