In WSS, does the IPsec/VPN firewall access method support both IKEv1 and IKEv2 configurations?
WSS supports both IKEv1 and IKEv2 for IPsec/VPN...with these specific configurations:
(IKEv1) Main Mode PSK authentication using static IP as the peer ID
(IKEv2) PSK authentication using FQDN as the peer ID
- IKEv2 with FQDN is recommended if the firewall/router does NOT have a static egress IP
- With IKEv1, WSS does not support Aggressive Mode (WSS only supports Main Mode with IKEv1)
- With IKEv1, FQDN is not supported