Advanced - vpn, Ipsec tunnel – SMC Networks SMC Barricade Plus SMCBR18VPN User Manual

7.9 | Advanced Setup - VPN

7.9.1 | IPSec Tunnel

VPN settings are used to create virtual private tunnels to remote VPN gateways. The tunnel

technology supports data confidentiality, data origin authentication and data integrity of network

information, by utilizing encapsulation protocols, encryption algorithms, and hashing algorithms.

• VPN: VPN protects network information from intruders. However, it greatly decreases

network throughput. Enable it only when a security tunnel is absolutely necessary. This

feature is disabled by default.

• Max. Number of Tunnels: Set the number of tunnels that are allowed to be in operation

simultaneously.

• Tunnel name: Lists the monitored tunnel.

• Method: IPSec VPN supports two kinds of key-exchange methods: manual key exchange

and the automatic key exchange. The manual key exchange method indicates that the

authenticator and the encryption key of the two end VPN gateways are setup manually

by the system managers. However, the IKE method performs an automatic Internet key

exchange. The system managers of both end gateways only need to set the same pre-

shared key.

• “More” button: Click the “More” button to setup detailed configuration for Manual key or

IKE methods.

There are three settings that must be configured to enable IKE for a dedicated tunnel:

• Basic setup

• IKE proposal setup

• IPSec proposal setup

Basic Setup

• Local Subnet: The subnet of the local VPN gateway’s LAN site. The subnet can be a host,

a partial subnet, or the whole subnet of the local gateway’s LAN site.