Title: How to Configure the RG-NBR Router Serving as Branch Gateway When IPsec VPN Headquarter Gateway Uses Main Mode? [Print this page] Author: zhangqiao@ruiji Time: 2024-10-8 10:51 Title: How to Configure the RG-NBR Router Serving as Branch Gateway When IPsec VPN Headquarter Gateway Uses Main Mode? Keywords:
IPsec VPN, Main Mode
1. Device Model and Firmware
Device Type
Device Model
Firmware Version
Reyee NBR router
NBR6215-E
NBR_RGOS 11.9(6)B17P3, Release(11161700)
2. Configuration Procedure
When configuring IPsec or L2TP over IPsec VPN on the NBR router’s web UI, the default negotiation mode for the VPN is set to the aggressive mode.
You can find the delivered commands by pressing the F12 key.
You can also run the following command on the CLI.
Ruijie#showrun | be ipsec pr
You cannot change the mode to main mode directly through the NBR router’s web UI, but need to enter the CLI to make configuration changes. The steps are as follows:
Run the showrun | be ipsec pr command to view the IPsec profile.
Enter the profile configuration mode (copy the profile and paste it in the CLI).
Run the show this command to display the profile configuration to verify that the correct profile is copied.
Run the following command to change the negotiation mode from aggressive mode to main mode.
set exchange-mode main
After changing the configuration, running the show this command does not display the configured main mode command. This is because the main mode is the default working mode of IPsec on the NBR router.
Save the changes.
Welcome to Ruijie Community (https://community.ruijienetworks.com/)
