HotBrick LoadBalancer LB-2 User Manual

How To establish an IPSec VPN tunnel with LB-2 VPN

Property of HotBrick — 2005

11

VPN Policy References

IPSec Global Setting

Enable
Enabling WAN 1, WAN 2 or Both will start global setting.

ISAkmp Port
Designed to negotiate, establish, modify and delete security associations and their attributes which
was assigned by IANA UDP port 500.

Phase 1 DH Group
Use DH Group 1 (768-bits), DH Group 2 (1024-bits), Group 5 (1536-bits) to generate IP Sec SA
Keys.

Phase 1 Encryption Method
There are 3 data encryption methods available: DES, 2DES, and AES.

Phase 1 Authentication Method
There are 2 authentication methods available: MD5 and SHA1 (Secure Hash Algorithm)

Phase 1 SA Life Time
By default the Security Association lifetime is set at 28800 Sec.

Maxtime to complete phase 1
Aim of phase 1 is to authenticate and establish a secure tunnel, which will protect further IKE
negotiation. The maximum time default is 30 Sec.

Maxtime to complete phase 2
Maximum time to establish the IPSec SAs. By default the maximum time is 30 Sec.

Log Levels

Select a VPN log level that you like to display on VPN log.

VPN Policy Setup

IPSec Traffic Binding

VPN Tunnel List
Shows tunnels you have entered. The router can be setup to 50 tunnels.

Tunnel Name
Distinguishes “tunnels” by names

Tunnel
The tunnel can only be connected when the ENABLE check box is selected.

WAN port
You can choose WAN 1, WAN 2 or any to make the VPN connection.