User`s guide

201

All other fields should be configured as usual. It is possible to set up other IPsec groups

linked with other IPsec tunnels. This would be done if there is a second group of remote

sites that have a different set of local and remote subnets, or perhaps different encryption

requirements. The only real requirement is that this second group uses peer IDs that do not

match up with those in use by the first IPsec group.

IPsec Group configuration

This configuration holds information relating to the MySQL database, and the names of the

fields where the information is held. This configuration is also used to identify which IPsec

tunnels are used to create dynamic IPsec tunnels.

Example MySQL schema

mysql> describe eroutes;

+-----------+-------------+------+-----+---------+-------+

+-----------+-------------+------+-----+---------+-------+

| peerid | varchar(20) | NO | PRI | | |

+-----------+-------------+------+-----+---------+-------+

7 rows in set (0.01 sec)

Link this IPsec group with IPsec Tunnel

The base IPsec tunnel number. This parameter allows the router to see that an IPsec tunnel

should use the group configuration to retrieve dynamic information from the database.

Remote mask to use for tunnels

This parameter is used in the SQL SELECT query in conjunction with the destination IP

address of packets to be tunnelled from the host to the remote peer to identify the correct

record to select from the MySQL database.

MySQL Server IP Address or Hostname

The IP address or hostname of the MySQL Server.

MySQL Server Port

The port that the MySQL Server is listening on.

Username

The username to use when logging into the MySQL Server.

Password / Confirm Password

The password to use when logging into the MySQL Server.

Database name

The name of the database to connect to.

Database table