IKEv2 Configuration Examples

Remote Access

RSA authentication with X.509 certificates

IPv4

IPv6

NAT

PSK authentication with pre-shared keys (IP)

IPv4

IPv6

NAT

PSK authentication with pre-shared keys (FQDN)

IPv4

EAP_AKA authentication

IPv4

EAP_AKA authentication with EAP identity

IPv4

EAP_SIM authentication

IPv4

RADIUS

EAP_SIM authentication with EAP identity

RADIUS

EAP_SIM only authentication

RADIUS

EAP_MSCHAPv2 authentication with EAP identity

IPv4

EAP_MD5 authentication

IPv4

RADIUS

EAP_MD5 authentication with EAP identity

IPv4

RADIUS

EAP_TLS authentication

IPv4

RADIUS

EAP_TTLS with EAP_MD5 client authentication

IPv4

RADIUS

EAP_PEAP with EAP_MD5 client authentication

IPv4

RADIUS

EAP_PEAP with EAP_MSCHAPv2 client authentication

IPv4

Remote Access with Virtual IP Adresses

RAM-based server-side virtual IP pool

IPv4

DB-based server-side virtual IP pool

IPv4

Static server-side virtual IP addresses

IPv4

Two RAM-based server-side virtual IP pools

IPv4

IPv4/IPv6

Two DB-based server-side virtual IP pools

IPv4

IPv4/IPv6

Site-to-Site

RSA authentication with X.509 certificates

IPv4

IPv6

PSK authentication with pre-shared keys

IPv4

Connection setup automatically started by daemon

IPv4

Connection setup triggered by data to be tunneled

IPv4

Host-to-Host

IPsec tunnel mode with X.509 certificates

IPv4

IPv6

IPsec transport mode with X.509 certificates

IPv4

IPv6

IP Protocol and Port Policies

IPsec tunnel restricted to ICMP and ssh protocols

IPv4

Complete List