The IPsec Policy specifies the authentication and encryption algorithms and encapsulation mode to use for the established VPN connection. It defines the parameters used to establish phase 2 of an IPsec tunnel.
City Control Panel will display a list containing all IPSEC Policies in Networking > VPN Services > IPSEC Policies (Figure 1 ).
Figure 1. IPsec Policies list
The user can click to the right for more actions, as shown in the image below (Figure 2).
Figure 2. Edit or delete an IPsec Policy
Create a new IPSEC Policy by clicking the creation button at the top of the IPSEC Policies page (Figure 3).
Figure 3. Create new IPSEC Policy - button
When creating a new IPSEC Policy the user should choose the settings for the IPSEC Policy (Figure 4).
- Name: Name of the IPSEC policy
- Region: Datacenter
- Authorization algorithms: Authentication algorithm ( SHA1)
- Encryption algorithm: 3DS, AES-128, AES-196, AES-256
- Encapsulation mode: Encapsulation mode for IPsec policy; Tunnel, transport
- Perfect Forward Secrecy (PFS): Group 2, Group 5, Group 14
- Transform protocol: Transform protocol for IPsec policy; ESP, AH, AH-SEP
- Lifetime: IPsec lifetime attributes. In seconds.
Figure 4. Create an IPsec Policy