Configuration | User Management | Base Group
VPN 3000 Concentrator Series User Guide
client specifically designed to work with the VPN Concentrator. However, the VPN Concentrator
can establish IPSec connections with many protocol-compliant clients.
L2TP over IPSec = L2TP using IPSec for security (not checked by default). L2TP packets are
encapsulated within IPSec, thus providing an additional authentication and encryption layer for
security. L2TP over IPSec is a client-server protocol, and it provides interoperability with the
Windows 2000 VPN client and other compliant remote-access clients.
Note: If no protocol is selected, no user clients can access or use the VPN.
Figure 12-3: Configuration | User Management | Base Group screen, IPSec tab
IPSec Parameters tab
This tab lets you configure IP Security Protocol parameters that apply to the base group. If you checked
IPSec or L2TP over IPSec under Tunneling Protocols on the General Parameters tab, configure this section.
Click the drop-down menu button and select the IPSec Security Association (SA) assigned to IPSec
clients. During tunnel establishment, the client and server negotiate a Security Association that governs
authentication, encryption, encapsulation, key management, etc. You configure IPSec Security
Associations on the
Configuration | Policy Management | Traffic Management | Security Associations screens.