Configuring the Virtual Router Appliance
Now, that your Citrix Netscaler VPX is configured, you need to configure the IBM Virtual Router Appliance (VRA).
To do so, use the following syntax:
set security vpn ipsec esp-group ESP lifetime '86400'
set security vpn ipsec esp-group ESP mode 'tunnel'
set security vpn ipsec esp-group ESP pfs 'disable'
set security vpn ipsec esp-group ESP proposal 1 encryption 'aes256'
set security vpn ipsec esp-group ESP proposal 1 hash 'sha1'
set security vpn ipsec ike-group IKE lifetime '86400'
set security vpn ipsec ike-group IKE proposal 1 dh-group '2'
set security vpn ipsec ike-group IKE proposal 1 encryption 'aes256'
set security vpn ipsec ike-group IKE proposal 1 hash 'sha1'
set security vpn ipsec site-to-site peer 10.143.220.106 authentication mode 'pre-shared-secret'
set security vpn ipsec site-to-site peer 10.143.220.106 authentication pre-shared-secret 'ipsecpskvpxvra'
set security vpn ipsec site-to-site peer 10.143.220.106 connection-type 'initiate'
set security vpn ipsec site-to-site peer 10.143.220.106 default-esp-group 'ESP'
set security vpn ipsec site-to-site peer 10.143.220.106 ike-group 'IKE'
set security vpn ipsec site-to-site peer 10.143.220.106 local-address '10.115.168.144'
set security vpn ipsec site-to-site peer 10.143.220.106 tunnel 1 local prefix '10.115.72.192/26'
set security vpn ipsec site-to-site peer 10.143.220.106 tunnel 1 remote prefix '192.168.0.0/24'