Wechseln zu:Navigation, Suche
Wiki

UTM/VPN/IPSec-Phase1-2: Unterschied zwischen den Versionen

Aus Securepoint Wiki
K (Textersetzung - „#WEITERLEITUNG(.*)Preview1260\n“ durch „“)
Markierung: Weiterleitung entfernt
KKeine Bearbeitungszusammenfassung
 
Zeile 62: Zeile 62:
}}
}}


</div>{{Select_lang}}
</div><div class="new_design"></div>{{Select_lang}}
<noinclude><!--
<noinclude><!--
{{TOC2}}
{{TOC2}}
{{Header|12.6|
{{Header|12.6.2|
|[[UTM/VPN/IPSec-Phase1-2_v12.5|12.5]]
|[[UTM/VPN/IPSec-Phase1-2_v12.5|12.5]]
[[UTM/VPN/IPSec-Phase1-2_v12.4|12.4]]
[[UTM/VPN/IPSec-Phase1-2_v12.4|12.4]]
[[UTM/VPN/IPSec-Phase1-2_v12.2.4 | 12.2.4]]
[[UTM/VPN/IPSec-Phase1-2_v12.2.4 | 12.2.4]]
[[UTM/VPN/IPSec-Phase1-2_v12.2.3 | 12.2.3]]
[[UTM/VPN/IPSec-Phase1-2_v12.2.3 | 12.2.3]]
|{{Menu|VPN|IPSec|{{#var:Verbindungen}} }} {{Button|Phase 1|w}} {{Button|Phase 2|w}}
|{{Menu-UTM|VPN|IPSec|Verbindungen}} {{Button|Phase 1|w}} {{Button|Phase 2|w}}
}}
}}
-->
-->
Zeile 82: Zeile 82:
===== Phase 1 =====
===== Phase 1 =====
|- class="Leerzeile"
|- class="Leerzeile"
| colspan="3" | <span id="{{#var:Allgemein}}_2"></span>{{Menu-UTM|VPN|IPSec|{{#var:Verbindungen}}|Phase 1|w}}{{h6|{{#var:Allgemein}} }}
| colspan="3" | {{Menu-UTM|VPN|IPSec|{{#var:Verbindungen}}|Phase 1|w}}{{h6|{{#var:Allgemein}} }}<br><br> {{Reiter|{{#var:Allgemein}} }}
<p>{{#var:Abschnitt}} {{Reiter|{{#var:Allgemein}} }}</p>
|-
|-
! {{#var:cap}} !! {{#var:val}} !! {{#var:desc}}
! {{#var:cap}} !! {{#var:val}} !! {{#var:desc}}
| style=display:{{#var:IKEv1 RW}} class="Bild" rowspan="10"| {{Bild | {{#var:Phase1 Allgemein IKEv1 RW--Bild}}|{{#var:Phase1 Allgemein--cap}} }}
| style=display:{{#var:IKEv1 RW}} class="Bild" rowspan="10" | {{Bild| {{#var:Phase1 Allgemein IKEv1 RW--Bild}} |{{#var:Phase1 Allgemein--cap}}||{{#var:Phase 1 bearbeiten}}|VPN|IPSec|icon=fa-floppy-disk-circle-xmark|icon2=fa-close}}
| style=display:{{#var:IKEv2 RW}} class="Bild" rowspan="10"| {{Bild | {{#var:Phase1 Allgemein--Bild}}|{{#var:Phase1 Allgemein--cap}} }}
| style=display:{{#var:IKEv2 RW}} class="Bild" rowspan="10" | {{Bild| {{#var:Phase1 Allgemein--Bild}} |{{#var:Phase1 Allgemein--cap}}||{{#var:Phase 1 bearbeiten}}|VPN|IPSec|icon=fa-floppy-disk-circle-xmark|icon2=fa-close}}
| style=display:{{#var:IKEv1 S2S}} class="Bild" rowspan="10"| {{Bild|{{#var:Phase1 Allgemein IKEv1 S2S--Bild}}|{{#var:Phase1 Allgemein--cap}}||{{#var:Phase 1 bearbeiten}}|VPN|IPSec|icon=fa-floppy-disk-circle-xmark|icon2=fa-close}}
| style=display:{{#var:IKEv1 S2S}} class="Bild" rowspan="10" | {{Bild| {{#var:Phase1 Allgemein IKEv1 S2S--Bild}} |{{#var:Phase1 Allgemein--cap}}||{{#var:Phase 1 bearbeiten}}|VPN|IPSec|icon=fa-floppy-disk-circle-xmark|icon2=fa-close}}
| style=display:{{#var:IKEv2 S2S}} class="Bild" rowspan="10"| {{Bild|{{#var:Phase1 Allgemein IKEv2 S2S--Bild}}|{{#var:Phase1 Allgemein--cap}}||{{#var:Phase 1 bearbeiten}}|VPN|IPSec|icon=fa-floppy-disk-circle-xmark|icon2=fa-close}}
| style=display:{{#var:IKEv2 S2S}} class="Bild" rowspan="10" | {{Bild| {{#var:Phase1 Allgemein IKEv2 S2S--Bild}} |{{#var:Phase1 Allgemein--cap}}||{{#var:Phase 1 bearbeiten}}|VPN|IPSec|icon=fa-floppy-disk-circle-xmark|icon2=fa-close}}
|- style=display:{{#var:IKEv1}}
|- style=display:{{#var:IKEv1}}
| {{b|{{#var:Beliebige Remote-Adressen}} }} || {{ButtonAn|{{#var:ein}} }}<br><small>'''Default'''</small> || {{#var:Beliebige Remote-Adressen--desc}}
| {{b|{{#var:Beliebige Remote-Adressen}}:}} || {{ButtonAn|{{#var:ein}} }}<br><small>'''Default'''</small> || {{#var:Beliebige Remote-Adressen--desc}}
|-
|-
| rowspan="4" | {{b|{{#var:Startverhalten}} }} {{Hinweis-box||gr|12.4|status=update}} || {{Button|Outgoing|dr|class=available}} || {{#var:Outgoing--desc}}
| rowspan="4" | {{b|{{#var:Startverhalten}}:}} || {{Button|Outgoing|dr|class=available}} || {{#var:Outgoing--desc}}
|-  
|-  
| {{Button|Incoming|dr|class=available}} <small>{{#var:Default wenn Remote Host any}}</small>|| {{#var:incoming--desc}}
| {{Button|Incoming|dr|class=available}} <small>{{#var:Default wenn Remote Host any}}</small>|| {{#var:incoming--desc}}
Zeile 103: Zeile 102:
| {{Button|Ignore|dr|class=available}} || {{#var:Ignore--desc}}
| {{Button|Ignore|dr|class=available}} || {{#var:Ignore--desc}}
|- style=display:{{#var:S2S}}
|- style=display:{{#var:S2S}}
| {{b|{{#var:Verkehr generieren}} }} {{Hinweis-box|{{#var:neu ab}} v12.4|gr|12.4|status=neu}}<br><small>'''{{#var:Verkehr generieren--Route}}'''</small> || {{ButtonAn|{{#var:ein}} }} || {{#var:Verkehr generieren--desc}}
| {{b|{{#var:Verkehr generieren}}:}} <br><small>'''{{#var:Verkehr generieren--Route}}'''</small> || {{ButtonAn|{{#var:ein}} }} || {{#var:Verkehr generieren--desc}}
|-
|-
| <span id="DPD"></span>{{b|{{#var:Dead Peer Detection}} }} || {{ButtonAn|{{#var:ein}} }} || {{#var:Dead Peer Detection--desc}}<li class="list--element__alert list--element__hint">{{#var:Dead Peer Detection--Hinweis}}</li>
| {{b|Dead Peer Detection:}} || {{ButtonAn|{{#var:ein}} }} || {{#var:Dead Peer Detection--desc}}<li class="list--element__alert list--element__hint">{{#var:Dead Peer Detection--Hinweis}}</li>
|-
|-
| {{b|{{#var:DPD Timeout}} }} || {{ic|30|c|class=available}} {{#var:Sekunden}} || {{#var:DPD Timeout--desc}}<li class="list--element__alert list--element__hint">{{#var:Timeout--Hinweis}}</li>
| {{b|DPD Timeout:}} || {{ic|30|c|class=available}} {{#var:Sekunden}} || {{#var:DPD Timeout--desc}}<li class="list--element__alert list--element__hint">{{#var:Timeout--Hinweis}}</li>
|-
|-
| {{b|{{#var:DPD Intervall}} }} || {{ic|10|c|class=available}} {{#var:Sekunden}} || {{#var:DPD Intervall--desc}}
| {{b|{{#var:DPD Intervall}}:}} || {{ic|10|c|class=available}} {{#var:Sekunden}} || {{#var:DPD Intervall--desc}}
|-
|-
| {{b|{{#var:Compression}} }} || {{ButtonAus|{{#var:aus}} }} || {{#var:Compression--desc}}
| {{b|Compression:}} || {{ButtonAus|{{#var:aus}} }} || {{#var:Compression--desc}}
|- class={{#var:IKEv2}}
|- class={{#var:IKEv2}}
| {{b|{{#var:MOBIKE}} }} || {{ButtonAn|{{#var:ja}}}}<br><small>'''Default'''</small> || {{#var:MOBIKE--desc}}  
| {{b|{{#var:MOBIKE}} }} || {{ButtonAn|{{#var:ja}} }} || {{#var:MOBIKE--desc}}  
|- class="Leerzeile"
|- class="Leerzeile"
|
|
|- class="Leerzeile"
|- class="Leerzeile"
| colspan="3" | {{#var:Abschnitt}} {{Reiter|{{#var:IKE}}}} {{#var:Identische Einstellungen}} {{h6|{{#var:IKE}} }}
| colspan="3" | {{#var:Abschnitt}} {{Reiter|IKE}} {{#var:Identische Einstellungen}} {{h6|IKE}}
|-
|-
! {{#var:Beschriftung}} !! {{#var:default-utm|Default-Werte UTM}} !! {{#var:default-ncp|Default-Werte NCP-Client}}
! {{#var:cap}} !! Default UTM !! Default NCP Client
| class="Bild {{#var:IKEv1}}" rowspan="12" | {{Bild|{{#var:Phase1 IKE1--Bild}}|{{#var:Phase1 IKE--cap}}1 }}
| class="Bild {{#var:IKEv1}}" rowspan="11" | {{Bild| {{#var:Phase1 IKE1--Bild}} |{{#var:Phase1 IKE--cap}}1 }}
| class="Bild {{#var:IKEv2}}" rowspan="12" | {{Bild|{{#var:Phase1 IKE2--Bild}}|{{#var:Phase1 IKE--cap}}2 }}
| class="Bild {{#var:IKEv2}}" rowspan="11" | {{Bild| {{#var:Phase1 IKE2--Bild}} |{{#var:Phase1 IKE--cap}}2 }}
|-
|-
| {{b| {{#var: Verschlüsselung| Verschlüsselung: }} }} || {{ic|{{cb|aes128}}|cb|class=available}} || AES 128 Bit  
| {{b|{{#var:Verschlüsselung}} }} || {{ic|{{cb|aes128}}|cb|class=available}} || AES 128 Bit  
|-
|-
| {{b| {{#var: Authentifizierung| Authentifizierung: }} }} || {{ic|{{cb|sha2_256}}|cb|class=available}} || Hash: SHA2 256 Bit
| {{b|{{#var:Authentifizierung}} }} || {{ic|{{cb|sha2_256}}|cb|class=available}} || Hash: SHA2 256 Bit
|-
|-
| rowspan="2" | {{b| {{#var:Diffie-Hellman Group}} }} || {{ic|{{cb|ecp521}}|cb|class=available}} || IKE DH-Gruppe: DH2 (modp1024)
| {{b|{{#var:Diffie-Hellman Group}} }} || {{ic|{{cb|ecp521}}|cb|class=available}} || IKE DH-Gruppe: DH2 (modp1024)
|-
|-
| colspan="2" | {{Hinweis-box||gr|12.5.1|status=update|unbordered={{#var:DH--Empfehlung}} }}
| {{b|Aktuelle Kombinationen:}} || colspan="2" | {{ic|aes128-sha2_256-ecp521|c=blau-font|bc=blau-bg||bdc=blau-bg|class=available}}
|-
| {{b|Aktuelle Kombinationen:}} {{Hinweis-box|{{#var:neu ab}} v12.6|gr|12.6|status=neu}} || {{ic|aes128-sha2_256-ecp521|c=blau-font|bc=blau-bg||bdc=blau-bg|class=available}} || {{#var:Aktuelle Kombinationen--desc}}
|- class="Leerzeile"
|- class="Leerzeile"
|
|
|- class="Leerzeile"
|- class="Leerzeile"
| colspan="3" | {{#var:Abschnitt}} {{Reiter|{{#var:IKE}}}} {{#var:Weitere Einstellungen}}:
| colspan="3" | {{#var:Abschnitt}} {{Reiter|IKE}} {{#var:Weitere Einstellungen}}:
|-
|-
! {{#var:cap}} !! {{#var:val}} !! {{#var:desc}}
! {{#var:cap}} !! {{#var:val}} !! {{#var:desc}}
<!--|-
| {{b|{{#var:Schwache Algorithmen anzeigen}} }} {{Hinweis-box|{{#var:neu ab}} v12.5|gr|12.5|status=neu}} || {{ButtonAus|{{#var:aus}} }} || {{#var:Schwache Algorithmen anzeigen--desc}}-->
|-
|-
| rowspan="2" | {{b| Strict: }} || {{ButtonAus|{{#var:aus}} }} || {{#var:Strict-aus--desc}}
| rowspan="2" | {{b|Strict:}} || {{ButtonAus|{{#var:aus}} }} || {{#var:Strict-aus--desc}}
|-
|-
| {{ButtonAn|{{#var:ein}} }} || {{#var:Strict-ein--desc}}
| {{ButtonAn|{{#var:ein}} }} || {{#var:Strict-ein--desc}}
|- class={{#var:IKEv2}}
|- class={{#var:IKEv2}}
| <span id=IKEv2Lifetime></span>{{b|{{#var:IKE Lifetime}} }} {{Hinweis-box|{{#var:Änderung ab v12.5}}|r|12.5|status=update|class=mw11}} || {{ButtonAus|{{#var:Aus}} }} {{ic|3|c|class=mw7}} {{#var:Stunden}} || {{#var:IKE Lifetime--desc}}<br>{{#var:IKE Lifetime--info}}
| {{b|{{#var:IKE Lifetime}} }} || {{ButtonAus|{{#var:Aus}} }} {{ic|3|c|class=mw7}} {{#var:Stunden}} || {{#var:IKE Lifetime--desc}}<br> {{#var:IKE Lifetime--info}}
|- class={{#var:IKEv1}}
|- class={{#var:IKEv1}}
| {{b|{{#var:IKE Lifetime}} }} || {{Button|1 {{#var:Stunde}} |dr|class=available}} || {{#var:IKE Lifetime--desc}}
| {{b|{{#var:IKE Lifetime}} }} || {{Button|1 {{#var:Stunde}}|dr|class=available}} || {{#var:IKE Lifetime--desc}}
|- class={{#var:IKEv2}}
|- class={{#var:IKEv2}}
| rowspan="2" | <span id=IKEv2Rekeytime></span>{{b|{{#var:IKE Rekeytime}} }} {{Hinweis-box|{{#var:neu ab}}: v12.4|gr|12.4|status=neu|class=mw11}}{{Hinweis-box|{{#var:Änderung ab v12.5}}|r|12.5|status=update|class=mw11}} || {{ic|2|c|class=available}} {{#var:Stunden}} || {{#var:IKE Rekeytime--desc}}
| rowspan="2" | {{b|IKE Rekeytime:}} || {{ic|2|c|class=available}} {{#var:Stunden}} || {{#var:IKE Rekeytime--desc}}
|- class={{#var:IKEv2}}
|- class={{#var:IKEv2}}
| colspan="2" | {{Hinweis-box| {{#var: Rekeying Default Änderung}} {{info|{{#var:Rekeying Default Änderung--info}} <br><br>{{#var:Beispiel}}<br>{{#var:Aktive Version}}<br>ike_lifetime &#61; 2<br>ike_rekeytime &#61; 0<br><br>{{#var:Nach Update}}<br>ike_lifetime &#61; 0<br>ike_rekeytime &#61; 2<br><br>----<br><br>{{#var:Aktive Version}}<br>ike_lifetime &#61; 2<br>ike_rekeytime &#61; 1<br><br>{{#var:Nach Update}} {{#var:ohne Änderung}}<br>ike_lifetime &#61;2<br>ike_rekeytime &#61; 1}} }}
| colspan="2" | {{Hinweis-box| {{#var: Rekeying Default Änderung}} {{info|{{#var:Rekeying Default Änderung--info}} <br><br>{{#var:Beispiel}}<br>{{#var:Aktive Version}}<br>ike_lifetime &#61; 2<br>ike_rekeytime &#61; 0<br><br>{{#var:Nach Update}}<br>ike_lifetime &#61; 0<br>ike_rekeytime &#61; 2<br><br>----<br><br>{{#var:Aktive Version}}<br>ike_lifetime &#61; 2<br>ike_rekeytime &#61; 1<br><br>{{#var:Nach Update}} {{#var:ohne Änderung}}<br>ike_lifetime &#61;2<br>ike_rekeytime &#61; 1}} }}
|-
|-
| {{b|{{#var:Rekeying}}}} || {{Button| {{#var:Rekeying--val}}|dr|class=available}} || {{#var:Rekeying--desc}} {{info|1={{#var:Rekeying--info}} }}
| {{b|Rekeying:}} || {{Button|{{#var:Rekeying--val}} |dr|class=available}} || {{#var:Rekeying--desc}} {{info|1={{#var:Rekeying--info}} }}
|-
|-
|- class="Leerzeile"
|- class="Leerzeile"
|
|
|- class="Leerzeile"
|- class="Leerzeile"
|  colspan="2" | <br>
|  colspan="2" |  
===== Phase 2 =====
===== Phase 2 =====


|- class="Leerzeile"
|- class="Leerzeile"
| colspan="3" | <span id="{{#var:Allgemein}}_3"></span>{{Menu-UTM|VPN|IPSec|{{#var:Verbindungen}}|Phase 2|w}}  {{h6|{{#var:Allgemein}} }}
| colspan="3" | {{Menu-UTM|VPN|IPSec|{{#var:Verbindungen}}|Phase 2|w}}  {{h6|{{#var:Allgemein}} }}
<p>{{#var:Abschnitt}} {{Reiter|{{#var:Allgemein}} }}: {{#var:Identische Einstellungen}}</p>
<p>{{#var:Abschnitt}} {{Reiter|{{#var:Allgemein}} }} {{#var:Identische Einstellungen}}</p>
|-
|-
! {{#var:Beschriftung}} !! {{#var:default-utm|Default-Werte UTM}} !! {{#var:default-ncp|Default-Werte NCP-Client}}
! {{#var:cap}} !! Default UTM !! Default NCP Client
| class="Bild {{#var:IKEv1 RW}}" rowspan="12" | {{Bild | {{#var:Phase2 bearbeiten IKEv1 RW--Bild}} |{{#var:Phase2 bearbeiten--cap}} / IKEv1 / Roadwarrior }}
| class="Bild {{#var:IKEv1 RW}}" rowspan="10" | {{Bild| {{#var:Phase2 bearbeiten IKEv1 RW--Bild}} |{{#var:Phase2 bearbeiten--cap}} / IKEv1 / Roadwarrior||{{#var:Phase 2 bearbeiten}}|VPN|IPSec|icon=fa-floppy-disk-circle-xmark|icon2=fa-close}}
| class="Bild {{#var:IKEv2 RW}}" rowspan="12" | {{Bild | {{#var:Phase2 bearbeiten IKEv2 RW--Bild}} |{{#var:Phase2 bearbeiten--cap}} / IKEv2 / Roadwarrior}}
| class="Bild {{#var:IKEv2 RW}}" rowspan="10" | {{Bild| {{#var:Phase2 bearbeiten IKEv2 RW--Bild}} |{{#var:Phase2 bearbeiten--cap}} / IKEv2 / Roadwarrior||{{#var:Phase 2 bearbeiten}}|VPN|IPSec|icon=fa-floppy-disk-circle-xmark|icon2=fa-close}}
| class="Bild {{#var:IKEv1 S2S}}" rowspan="12" | {{Bild|{{#var:Phase2 bearbeiten IKEv1 S2S--Bild}}|{{#var:Phase2 bearbeiten--cap}} / IKEv1 / S2S||{{#var:Phase 2 bearbeiten}}|VPN|IPSec|icon=fa-floppy-disk-circle-xmark|icon2=fa-close}}
| class="Bild {{#var:IKEv1 S2S}}" rowspan="10" | {{Bild| {{#var:Phase2 bearbeiten IKEv1 S2S--Bild}} |{{#var:Phase2 bearbeiten--cap}} / IKEv1 / S2S||{{#var:Phase 2 bearbeiten}}|VPN|IPSec|icon=fa-floppy-disk-circle-xmark|icon2=fa-close}}
| class="Bild {{#var:IKEv2 S2S}}" rowspan="12" | {{Bild|{{#var:Phase2 bearbeiten IKEv2 S2S--Bild}}|{{#var:Phase2 bearbeiten--cap}} / IKEv2 / S2S||{{#var:Phase 2 bearbeiten}}|VPN|IPSec|icon=fa-floppy-disk-circle-xmark|icon2=fa-close}}
| class="Bild {{#var:IKEv2 S2S}}" rowspan="10" | {{Bild| {{#var:Phase2 bearbeiten IKEv2 S2S--Bild}} |{{#var:Phase2 bearbeiten--cap}} / IKEv2 / S2S||{{#var:Phase 2 bearbeiten}}|VPN|IPSec|icon=fa-floppy-disk-circle-xmark|icon2=fa-close}}
|-
|-
| {{b| {{#var:Verschlüsselung}} }} || {{ic|{{cb|aes128}}|cb|class=available}} || AES 128 Bit
| {{b|{{#var:Verschlüsselung}} }} || {{ic|{{cb|aes128}}|cb|class=available}} || AES 128 Bit
|-
|-
| {{b| {{#var:Authentifizierung}}  }} || {{ic|{{cb|sha2_256}}|cb|class=available}} || SHA2 256 Bit
| {{b|{{#var:Authentifizierung}}  }} || {{ic|{{cb|sha2_256}}|cb|class=available}} || SHA2 256 Bit
|- class="{{#var:S2S}}"
| rowspan="2" | {{b| {{#var:Diffie-Hellman Group}} }} || {{ic|{{cb|ecp521}}|cb|class=available}} || IKE DH-Gruppe: DH2 (modp1024)
|- class="{{#var:S2S}}"
|- class="{{#var:S2S}}"
| colspan="2" | {{Hinweis-box||gr|12.5.1|status=update|unbordered={{#var:DH--Empfehlung}} }}
| {{b|{{#var:Diffie-Hellman Group}} }} || {{ic|{{cb|ecp521}}|cb|class=available}} || IKE DH-Gruppe: DH2 (modp1024)
|- class="{{#var:E2S}}"
|- class="{{#var:E2S}}"
| {{b| {{#var:Diffie-Hellman Group}} }} || {{ic|{{cb|{{#var:Keine}} }}|cb|class=available}} || IKE DH-Gruppe: DH2 (modp1024)
| {{b| {{#var:Diffie-Hellman Group}} }} || {{ic|{{cb|ecp521}}|cb|class=available}} || IKE DH-Gruppe: DH2 (modp1024)
|-
|-
| {{b|Aktuelle Kombinationen:}} {{Hinweis-box|{{#var:neu ab}} v12.6|gr|12.6|status=neu}} || {{ic|aes128-sha2_256-ecp521|c=blau-font|bc=blau-bg||bdc=blau-bg}} || {{#var:Aktuelle Kombinationen--desc}}
| {{b|Aktuelle Kombinationen:}} || colspan="2" | {{ic|aes128-sha2_256-ecp521|c=blau-font|bc=blau-bg||bdc=blau-bg}}
|-
|-
| {{b| {{#var: Schlüssel-Lebensdauer| Schlüssel-Lebensdauer: }} }} || {{Button| 8 {{#var: Stunden}} |dr|class=available}} || {{#var:Schlüssel-Lebensdauer--desc}}
| {{b|{{#var:Schlüssel-Lebensdauer}}:}} || {{Button|8 {{#var: Stunden}}|dr|class=available}} || {{#var:Schlüssel-Lebensdauer--desc}}
|-
|-
| {{#var: Austausch-Modus| Austausch-Modus }} || Main Mode ({{#var: nonkonfig| nicht konfigurierbar }}) || Aggressive Mode (IKEv1)<li class="list--element__alert list--element__warning">{{#var:Aggressive Mode--Hinweis}}</li>
| {{b|{{#var:Austausch-Modus}}:}} || Main Mode ({{#var:nicht konfigurierbar}}) || Aggressive Mode (IKEv1)<li class="list--element__alert list--element__warning">{{#var:Aggressive Mode--Hinweis}}</li>
|- class="Leerzeile"
|
|- class="Leerzeile"
| colspan="3" | <p>{{#var:Abschnitt}} {{Reiter|{{#var:Allgemein}}}}: {{#var:Weitere Einstellungen}}</p>
<!--|-
| {{b|{{#var:Schwache Algorithmen anzeigen}} }} {{Hinweis-box|{{#var:neu ab}} v12.5|gr|12.5|status=neu}} || {{ButtonAus|{{#var:aus}} }} || {{#var:Schwache Algorithmen anzeigen--desc}}-->
|-
|-
| {{b| {{#var: Neustart}}}} || {{ButtonAus|{{#var:nein}} }} || {{#var:Neustart--desc}}<li class="list--element__alert list--element__hint">{{#var:Neustart--Hinweis}}</li>
| {{b|{{#var:Neustart nach Abbruch}}:}} || {{ButtonAus|{{#var:nein}} }} || {{#var:Neustart nach Abbruch--desc}}
|- style=display:{{#var:IKEv2}}
|- style=display:{{#var:IKEv2}}
| {{b|{{#var: Subnetzkombinationen gruppieren}} }}
| {{b|{{#var: Subnetzkombinationen gruppieren}} }}
| {{ButtonAn|{{#var:ja}} }}<p><li class="list--element__alert list--element__warning">{{#var:Gegenstelle unterstützt keine Subnetzkombinationen--Hinweis}}</li></p>  || {{#var:Subnetzkombinationen gruppieren--desc}}
| {{ButtonAn|{{#var:ja}} }}<br> <li class="list--element__alert list--element__warning">{{#var:Gegenstelle unterstützt keine Subnetzkombinationen--Hinweis}}</li>  || {{#var:Subnetzkombinationen gruppieren--desc}}
|-
|-
| {{b|{{#var:DHCP}} }} || {{ButtonAus|{{#var:Aus}} }} || {{#var:DHCP--desc}}<li class="list--element__alert list--element__hint">{{#var:DHCP--Hinweis}}</li>
| {{b|DHCP:}} || {{ButtonAus|{{#var:Aus}} }} || {{#var:DHCP--desc}}
|- class="Leerzeile"
|- class="Leerzeile"
|
|
Zeile 206: Zeile 193:
{| class="sptable2 pd5 zh1 einrücken"
{| class="sptable2 pd5 zh1 einrücken"
|- class="Leerzeile"
|- class="Leerzeile"
| colspan="3"| {{h6|{{#var:Adress-Pool Reiter}} }}<br>{{#var:Abschnitt}} {{Reiter|{{#var:Adress-Pool Reiter}}}}
| colspan="3" | {{h6|{{#var:Adress-Pool}} }} {{Reiter|{{#var:Adress-Pool}} }}
|-
|-
! {{#var:cap}} !! {{#var:val}} !! {{#var:desc}} || class="Bild" rowspan="3" | {{Bild| {{#var:Adress-Pool--Bild}}|{{#var:Adress-Pool--cap}} }}
! {{#var:cap}} !! {{#var:val}} !! {{#var:desc}}  
| class="Bild" rowspan="3" | {{Bild| {{#var:Adress-Pool--Bild}} |{{#var:Adress-Pool--cap}} }}
|-
|-
| {{b|{{#var:Lokales Netzwerk}} }} || {{ic|{{#var:Lokales Netzwerk--val}}|class=available}} || {{#var:Lokales Netzwerk--desc}}
| {{b|{{#var:Lokales Netzwerk}}:}} || {{ic|192.168.250.0/24|class=available}} || {{#var:Lokales Netzwerk--desc}}
|-
|-
| {{b|{{#var:Adress-Pool}} }}<br><small class=bold>{{#var:Adress-Pool--Hinweis}}</small> || {{ic|{{#var:Adress-Pool--val}}|class=available}} || {{#var:Adress-Pool--desc}}
| {{b|{{#var:Adress-Pool}} }}<br> <small class=bold>{{#var:Adress-Pool--Hinweis}}</small> || {{ic|192.168.22.35/24|class=available}} || {{#var:Adress-Pool--desc}}
|-
|-
|}
|}
Zeile 219: Zeile 207:
{| class="sptable2 pd5 zh1 einrücken"
{| class="sptable2 pd5 zh1 einrücken"
|- class="Leerzeile"
|- class="Leerzeile"
| colspan="3" | {{h6|{{#var:Subnetze}} }}<br>{{#var:Abschnitt}} {{Reiter|{{#var:Subnetze}} }}
| colspan="3" | {{h6|{{#var:Subnetze}} }}<br> {{#var:Abschnitt}} {{Reiter|{{#var:Subnetze}} }}
|- class="Leerzeile"
|- class="Leerzeile"
| rowspan="2" | || colspan="2" | {{#var:Szenario}} '''{{#var:Subnetze alle}}'''
| rowspan="2" | || colspan="2" | {{#var:Szenario}} '''{{#var:Subnetze alle}}'''
<p><li class="list--element__alert list--element__hint">{{#var:Subnetze alle--desc}}</li>
<p><li class="list--element__alert list--element__hint">{{#var:Subnetze alle--desc}}</li>
{{Einblenden|{{#var:Beispiel mit root-Login}}|{{#var:hide}}|dezent}}
{{Einblenden| {{#var:Beispiel mit root-Login}} | {{#var:hide}} |dezent}}
{{#var:Beispiel mit root-Login--desc}}<br>
{{#var:Beispiel mit root-Login--desc}}<br>
{{#var:Mit Subnetzkombinationen}}
{{#var:Mit Subnetzkombinationen}} {{ButtonAn|{{#var:ein}} }}


<code>root@firewall:~# swanctl --list-conns
<code>root@firewall:~# swanctl --list-conns
Zeile 263: Zeile 251:
</code>
</code>
</div></span></p>
</div></span></p>
| class="Bild" rowspan="2" | {{Bild | {{#var:Subnetze alle--Bild}}|{{#var:Subnetze alle--cap}} }}
| class="Bild" rowspan="2" | {{Bild| {{#var:Subnetze alle--Bild}} |{{#var:Subnetze alle--cap}} }}
|- class="Leerzeile"
|- class="Leerzeile"
|
|
Zeile 270: Zeile 258:
<p>{{#var:Subnetz teilweise--desc}}</p>{{Hinweis-box| {{#var:IKE-Multichannel--Netzwerkhinweis}} }}
<p>{{#var:Subnetz teilweise--desc}}</p>{{Hinweis-box| {{#var:IKE-Multichannel--Netzwerkhinweis}} }}
{{Hinweis-box| {{#var:IKE-Multichannel--Portfilter--Hinweis}} | gr}}
{{Hinweis-box| {{#var:IKE-Multichannel--Portfilter--Hinweis}} | gr}}
{{Einblenden|{{#var:Beispiel mit root-Login}}|{{#var:hide}}|dezent}}
{{Einblenden| {{#var:Beispiel mit root-Login}} | {{#var:hide}} |dezent}}
{{#var:Beispiel mit root-Login--desc}}<br>
{{#var:Beispiel mit root-Login--desc}}<br>
{{#var:Mit Subnetzkombinationen}}
{{#var:Mit Subnetzkombinationen}} {{ButtonAn|{{#var:ein}} }}
<code>root@firewall:~# swanctl --list-conns
<code>root@firewall:~# swanctl --list-conns
IPSec$20S2S: IKEv2, reauthentication every 3060s, no rekeying, dpd delay 10s
IPSec$20S2S: IKEv2, reauthentication every 3060s, no rekeying, dpd delay 10s
Zeile 306: Zeile 294:
</code>
</code>
</div></span>
</div></span>
| class="Bild" rowspan="2" | {{Bild | {{#var:Subnetz teilweise--Bild}}|{{#var:Subnetz teilweise--cap}} }}
| class="Bild" rowspan="2" | {{Bild| {{#var:Subnetz teilweise--Bild}} |{{#var:Subnetz teilweise--cap}} }}
|- class="Leerzeile"
|- class="Leerzeile"
|
|
Zeile 316: Zeile 304:
----
----
<div class="einrücken">
<div class="einrücken">
===== {{#var:Troubleshooting}} =====
===== Troubleshooting =====
<div class="einrücken">
<div class="einrücken">
{{#var:Troubleshooting--desc}}
{{#var:Troubleshooting--desc}}
{{#var:Gateway-ID--Hinweis}}
</div></div>
</div>
</div>
</includeonly>
</includeonly>

Aktuelle Version vom 3. April 2024, 12:24 Uhr

























































{{var | DH-Gruppe (PFS) | DH-Gruppe (PFS): | DH-Group (PFS):




























De.png
En.png
Fr.png

Konfiguration der Phase 1 und 2 für IPSec-Verbindungen.
Der Inhalt dieser Seite wird hier angezeigt:



Abgerufen von „https://wiki.securepoint.de/index.php?title=UTM/VPN/IPSec-Phase1-2&oldid=90852