Multi-Tech Systems RF660 User Manual

Page 109

Advertising
background image

Chapter 6 – RouteFinder Software

Multi-Tech Systems, Inc. RouteFinderVPN RF760/660/600VPN User Guide (PN S000323D)

109

VPN > IPSec > Manual

Add a Manual Connection

Add Manual Connection

Connection Name

Enter a text name that will identify the connection for you.

Compression

Check the compression checkbox to enable IPCOMP, the compression algorithm.

Authentication Method

Decides the encryption and authentication algorithms to be used for the respective security services.
Options are:

Authentication only:

1. AH using MD5 –128 bit key

2. AH using SHA1 – 160 bit key

Encryption only:

1. ESP (Encapsulating Security Payload) using AES

2. ESP using DES – 56 bit key

3. ESP using 3DES – 192 bit key

Encryption & Authentication:

1. ESP using 3DES for encryption and MD5 for authentication

2. ESP using 3DES for encryption and SHA1 for authentication

3. ESP using 3DES for encryption and AH MD5 for authentication

4. ESP using 3DES for encryption and AH SHA1 for authentication

Note:

Encryption without authentication is not recommended since it is not secure.

SPI Base

Security Parameter Index identifies a manual connection. The SPI is a unique identifier in the SA (Secure
Association – a type of secure connection) that allows the receiving computer to select the SA under which
a packet will be processed. The SPI Base is a number needed by the manual keying code. Enter any 3-
digit hexadecimal number, which is unique for a security association. It should be in the form 0xhex (a
number between 0x100 - 0xfff is recommended). If you have more than one manual connection, then the
SPI Base must be different for each one.

ESP Encryption Key (Espenckey) -

The VPN firewall box uses 3DES as its encryption algorithm. 3DES

uses a 192 bit hexadecimal number as its encryption key.

ESP Authentication Key (Espauthkey) -

The VPN firewall could use either MD5 or SHA1 for ESP

authentication:

MD5 - 128 bit key example: 0x0123456789012345678901234567890ab.

SHA1 - 160 bit key example: 0x01234567890123456789012345678901234567890

AH Key

The VPN firewall could use either MD5 or SHA1 for authentication

MD5 - 128 bit key example: 0x0123456789012345678901234567890ab.
SHA1 - 160 bit key example: 0x01234567890123456789012345678901234567890

Local WAN IP

Select the Interface to initiate the IPSec tunnel (Left Security Gateway). Options are LAN, WAN, and DMZ.

Advertising
This manual is related to the following products:

RF600

Popular Brands
Popular manuals