IKEv2 is configured under
.- VPN connections
- In this section, you configure the IKEv2 VPN connections and the connection parameters.
- Authentication
- This table is used to define the identities for your VPN connections.
- Digital signature profile
- This table is used to specify the authentication methods for your VPN connections.
- Encryption
- This table is used to set the encryption parameters.
- Addresses for dial-in access (CFG mode server)
- Use this table to specify the parameters that the device CFG mode assigns to the dial-in clients.
- Extended settings
- This section is used to configure the settings for the authentication of other remote identities, the IKEv2 rekeying parameters, and the prefixes for IKEv2 routing.
In order to configure an IKEv2 connection, you first need to make an entry in the Connection list. LCOS contains default entries in order to minimize the effort of configuration. Most of these entries contain default parameters with common settings for strong encryption algorithms, dead-peer-detection, and lifetimes. All you need to do is specify the address of the VPN remote peer, the authentication parameters (under Authentication), and the VPN rules (under ).
Note: The console command show vpn displays whether the VPN connection was established successfully.