Applies To:
Show VersionsBIG-IQ Centralized Management
- 6.0.1
Configure the BIG-IQ to manage an IPsec tunnel
How do I start managing an IPsec tunnel?
You can use BIG-IQ® Centralized Management to manage an IPsec tunnel. To set up IPsec tunnel management, you need to:
- Configure a data collection device.
- Configure the BIG-IQ system to manage
the IPsec tunnel.
- Create a forwarding virtual server for IPsec.
- Create an IKE peer.
- Create a custom IPsec policy.
- Create a bidirectional IPsec traffic selector.
- Configure the IKE daemon.
- Verify IPsec connectivity.
After you complete these initial configuration tasks, you can manage the settings that control your IPsec tunnel traffic. You can also use the BIG-IQ statistics to troubleshoot the tunnel health.
Create a forwarding virtual server for IPsec
Create an IKE peer
The IKE peer object identifies to the system you are configuring the other device that it communicates with during Phase 1 negotiations. The IKE peer object also specifies the specific algorithms and credentials to use for Phase 1 negotiation.
Create a custom IPsec policy
Create a bidirectional IPsec traffic selector
Configure the IKE daemon
Verify IPsec connectivity
After you have configured an IPsec tunnel and before you configure additional functionality, you can verify that the tunnel is passing traffic.