Configure IKEv2 Traffic Selectors

In IKEv2, you can configure Traffic Selectors, which are components of network traffic that are used during IKE negotiation. Traffic selectors are used during the CHILD_SA (tunnel creation) Phase 2 to set up the tunnel and to determine what traffic is allowed through the tunnel. The two IKE gateway peers must negotiate and agree on their traffic selectors; otherwise, one side narrows its address range to reach agreement. One IKE connection can have multiple tunnels; for example, you can assign different tunnels to each department to isolate their traffic. Separation of traffic also allows features such as QoS to be implemented. Use the following workflow to configure traffic selectors.
  1. Select NetworkIPSec TunnelsProxy IDs.
  2. Select the IPv4 or IPv6 tab.
  3. Click Add and enter the Name in the Proxy ID field.
  4. In the Local field, enter the Source IP Address.
  5. In the Remote field, enter the Destination IP Address.
  6. In the Protocol field, select the transport protocol (TCP or UDP) from the drop-down.
  7. Click OK.

Related Documentation