AWS Specific Cloud Configuration

  1. Internet Key Exchange Configuration
The address of the external interface for a customer gateway must be a static address. the customer gateway can reside behind a device performing network Address Translation (NAT) To ensure that NAT Transversal (NAT-T) can function, add, and update the firewall rules, allow UDP port 4500. Disable NAT-T if the customer gateway is not behind a NAT gateway.
  • Authentication Method: Pre-Shared Key
  • Pre-Shared Key: LwYbARmDJmpFGOrAbPGk2uQiWwvbmfU
  • Authentication Algorithm: sha1
  • Encryption Algorithm: aes-128-cbc
  • Lifetime: 28800 seconds
  • Phase 1 Negotiation Method: main
  • Perfect Forward Secrecy: Diffie-Hellman Group 2