IPSEC
Everything related to IPsec tunnel from creation to diagnostic
Groupe Diffie-Hellman (DH)
Here are bits information for every DH group
MODP
- 1 (768 bits)
- 2 (1024 bits)
- 5 (1536 bits)
- 14 (2048 bits)
- 15 (3072 bits)
ECP
- 19 (256 bits random)
- 20 (384 bits random)
Diagnose
Use these command to diagnose an IPsec tunnel
diagnose vpn ike log filter name <tunnel name>
diagnose debug application ike -1
diagnose debug enableCreation
Use these command to create a new tunnel
config vpn ipsec phase1-interface
edit "new_name"
end