What can I do here?
Use this window to set IKE security associations and enable NAT inside the community.
Getting Here - SmartConsole > Security Policies > Access Control > Policy > Access Tools > VPN Communities > New Star Community > Advanced |
IKE is the Internet Key Exchange protocol used in VPN for exchanging key-building material. Despite the name, keys are never actually exchanged. Only the material (random bits and mathematical data) used to build the keys are exchanged. IKE takes place in two phases.
IKE (Phase 1)
Change the default settings to alter the way the IKE Security Association is negotiated.
IPSEC (Phase 2)
Change the default settings to alter the way the IPSEC Security Association is negotiated.
NAT
Even if NAT is configured it is possible to disable NAT inside the VPN community. If NAT is disabled, when a host behind a community member opens a connection with another host behind a community member, the original IP addresses are used. Other connections use the translated address.