The address of the external interface for a customer gateway must be a static address. the customer gateway can reside behind a device performing network Address Translation (NAT) To ensure that NAT Transversal (NAT-T) can function, add, and update the firewall rules, allow UDP port 4500. Disable NAT-T if the customer gateway is not behind a NAT gateway.

• Authentication Method: Pre-Shared Key
• Pre-Shared Key: LwYbARmDJmpFGOrAbPGk2uQiWwvbmfU
• Authentication Algorithm: sha1
• Encryption Algorithm: aes-128-cbc
• Lifetime: 28800 seconds
• Phase 1 Negotiation Method: main
• Perfect Forward Secrecy: Diffie-Hellman Group 2