Vpn 2 – Sony AIRLINK HELIX 2140847 User Manual

Configuring AirLink Helix

Rev 3.0D May.10

39

VPN 2

The Helix can act as a Generic Routing Encapsulation (GRE) endpoint, providing
a means to encapsulate a wide variety of network layer packets inside IP
tunneling packets. With this feature you can reconfigure IP architectures without
worrying about connectivity. GRE creates a point-to-point link between routers on
an IP network.

The VPN 2 section allows configuration of the GRE tunnel on the Helix box.

Figure 8-2: ACEmanager: VPN 2 - VPN/IPSec

Figure 8-3: ACEmanager: VPN 2 - VPN/IPSec - GRE Tunnel

Perfect Forward

Secrecy

Yes or No. Provides additional security through a DH shared secret value. When this
feature is enabled, one key cannot be derived from another. This ensures previous and
subsequent encryption keys are secure even if one key is compromised.

IPSec Key Group

DH1, DH2, or DH5. Determines how the Helix VPN creates an SA with the VPN server. The
DH (Diffie-Hellman) key exchange protocol establishes pre-shared keys during the phase 1
authentication. Helix supports three prime key lengths, including Group 1 (768 bits), Group
2 (1,024 bits), and Group 5 (1,536 bits).

IPSec SA Life Time

180 to 86400. Determines how long the VPN tunnel is active in seconds. The default value
is 28,800 seconds, or 8 hours.

Command

Description

Command

Description

VPN 2 Type

Tunnel Disabled or GRE Tunnel. Enabling the GRE Tunnel will expose other options for
configuring the tunnel.

VPN Status

Disabled, Connected or Not Connected. Indicates the status of the GRE tunnel on the Helix
box.

VPN Gateway

Address

The IP address of the device that this client connects to. This IP address must be open to
connections from the Helix Box.