Contents

Configure Phase 1 and Phase 2 Settings

You configure Phase 1 and Phase 2 settings for each IPSec VPN.

Branch Office VPN

For a manual Branch Office VPN (BOVPN), you configure Phase 1 settings when you define a Branch Office gateway, and you configure Phase 2 settings when you define a Branch Office tunnel. 

For more information about BOVPN Phase 1 and Phase 2 settings, see:

For a BOVPN virtual interface Phase 1 and Phase 2 settings are in the BOVPN virtual interface configuration. For more information, see Configure a BOVPN Virtual Interface.

For a managed Branch Office VPN, you configure the Phase 1 and Phase 2 settings when you add a Security Template.

For more information, see Add Security Templates

Mobile VPN with IPSec

For Mobile VPN with IPSec, Mobile VPN with L2TP, and Mobile VPN with IKEv2, many of the  Phase 1 and Phase 2 settings are set automatically by the setup wizards. You can also manage these settings in the Web UI or Policy Manager.

For Mobile VPN with IPSec, you configure the Phase 1 and Phase 2 settings when you add or edit a Mobile VPN with IPSec configuration.

For more information, see:

Use a Certificate for IPSec VPN Tunnel Authentication

When an IPSec tunnel is created, the IPSec protocol checks the identity of each endpoint with either a pre-shared key (PSK) or a certificate imported and stored on the Firebox. You configure the tunnel authentication method in the VPN Phase 1 settings.

For more information about how to use a certificate for tunnel authentication, see:

See Also

About IPSec VPN Negotiations

Give Us Feedback  ●   Get Support  ●   All Product Documentation  ●   Technical Search