HotBrick LoadBalancer LB-2 User Manual


How To establish an IPSec VPN tunnel with LB-2 VPN

Property of HotBrick — 2005


PPPoE Session
Some ISPs offer multiple sessions when using PPPoE to make VPN connections. These PPPoE
sessions can be selected to construct VPN tunnels.


Traffic Selector

Service
Protocol Type: Choose TCP, UDP, ICMP or GRE as your connection protocol. By default the
protocol type is “Any”.
Local Security Network
These entries identify the private network on the VPN gateway whose hosts can use the
LAN-to-LAN connection. You can choose a single IP address, a subnet, or a selected IP range to
make the VPN LAN-to-LAN connection.

Remote Security Network
These entries identify the private network on the remote peer VPN router whose hosts can use the
LAN-to-LAN connection. You can choose a single IP address, a subnet, or a selected IP range to
make the VPN connection.

Remote Security Gateway
Select either the remote side's domain name or the remote side's IP address (WAN IP address) as your
remote side security gateway.


Security Level

Encryption Method
This specifies the encryption method to use. Data encryption makes the data unreadable if intercepted.
There are 3 encryption methods available: DES, 3DES, and AES. The default is null.

Authentication
This specifies the packet authentication mechanism to use. Packet authentication confirms the data’s
source. There are 3 authentication methods available: MD5, SHA1 and SHA2.


Key Management

Key – Key Type
There are 2 key types (manual key and auto key) available for the key exchange management.

Manual Key
If manual key is selected, no key negotiation is needed.

Encryption Key
This field specifies a key to encrypt and decrypt IP traffic.

Authentication Key
This field specifies a key used to authenticate IP traffic.

Inbound/outbound SPI (Security Parameter Index)
The SPI is carried in the ESP header. Each tunnel must have a unique inbound and outbound SPI, and
no two tunnels may share the same SPI. Note that the inbound SPI must match the other router’s
outbound SPI.
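
A check of the manual-key rules above (SPIs unique across tunnels, inbound SPI matching the peer's outbound SPI), as an added example that is not part of the HotBrick manual. The ManualTunnel record, its field names and the sample SPI values are constructed for illustration; the reserved SPI range comes from RFC 4303 and the weak-algorithm flags from RFC 8221, not from the manual.

```python
from dataclasses import dataclass

# RFC 8221 marks DES and HMAC-MD5 as MUST NOT; "null" leaves traffic unencrypted.
WEAK_ENCRYPTION = {"null", "DES"}
WEAK_AUTHENTICATION = {"MD5"}

@dataclass(frozen=True)
class ManualTunnel:  # hypothetical record of one manual-key tunnel entry
    name: str
    encryption: str      # "null", "DES", "3DES" or "AES"
    authentication: str  # "MD5", "SHA1" or "SHA2"
    inbound_spi: int
    outbound_spi: int

def check_gateway(tunnels):
    """Return findings for all manual-key tunnels defined on one gateway."""
    findings, seen = [], {}  # seen: (direction, SPI) -> tunnel that first used it
    for t in tunnels:
        for direction, spi in (("inbound", t.inbound_spi), ("outbound", t.outbound_spi)):
            # RFC 4303: the SPI is 32 bits; 0 is local-use only and 1-255 are reserved.
            if not 256 <= spi <= 0xFFFFFFFF:
                findings.append(f"{t.name}: {direction} SPI {spi:#x} is reserved or out of range")
            owner = seen.setdefault((direction, spi), t.name)
            if owner != t.name:
                findings.append(f"{t.name}: {direction} SPI {spi:#x} already used by {owner}")
        if t.encryption in WEAK_ENCRYPTION:
            findings.append(f"{t.name}: encryption method {t.encryption} is weak or absent")
        if t.authentication in WEAK_AUTHENTICATION:
            findings.append(f"{t.name}: authentication {t.authentication} is deprecated")
    return findings

def check_pair(local, remote):
    """Return findings where the two ends of one tunnel do not mirror each other."""
    findings = []
    if local.inbound_spi != remote.outbound_spi:
        findings.append("local inbound SPI != remote outbound SPI")
    if local.outbound_spi != remote.inbound_spi:
        findings.append("local outbound SPI != remote inbound SPI")
    if (local.encryption, local.authentication) != (remote.encryption, remote.authentication):
        findings.append("encryption/authentication methods differ between peers")
    return findings

# Constructed sample: site A defines two tunnels; SITE_B_TO_A is the far end of "to-B".
SITE_A = [ManualTunnel("to-B", "AES", "SHA1", 0x1001, 0x2001),
          ManualTunnel("to-C", "null", "MD5", 0x1001, 0x2002)]
SITE_B_TO_A = ManualTunnel("to-A", "AES", "SHA1", 0x2001, 0x1002)

if __name__ == "__main__":
    for finding in check_gateway(SITE_A) + check_pair(SITE_A[0], SITE_B_TO_A):
        print(finding)
```

With manual keys there is no negotiation to catch a mismatch, so a check like this is run against both gateways' settings before the tunnel is enabled.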
