NETGEAR ADSL Firewall Router DG834 User Manual

Reference Manual for the ADSL Firewall Router DG834

Virtual Private Networking (Advanced Feature)

7-5

202-10005-05, June 2005

•

What method will you use to configure your VPN tunnels?

— The VPN Wizard using VPNC defaults (see

Table 7-2

)

— The typical automated Internet Key Exchange (IKE) setup (see

“Using Auto Policy to

Configure VPN Tunnels” on page 7-36

)

— A Manual Keying setup in which you must specify each phase of the connection (see

“Using Manual Policy to Configure VPN Tunnels” on page 7-48

)?

•

What level of IPSec VPN encryption will you use?

— DES - The Data Encryption Standard (DES) processes input data that is 64 bits wide,

encrypting these values using a 56 bit key. Faster but less secure than 3DES.

— 3DES - (Triple DES) achieves a higher level of security by encrypting the data three times

using DES with three different, unrelated keys.

•

What level of authentication will you use?

— MDS: 128 bits, faster but less secure.

— SHA-1: 160 bits, slower but more secure.

Table 7-2.

Parameters Recommended by the VPNC and Used in the VPN Wizard

Parameter

Factory Default

Secure Association

Main Mode

Authentication Method

Pre-shared Key

Encryption Method

3DES

Authentication Protocol

SHA-1

Diffie-Hellman (DH) Group

Group 2 (1024 bit)

Key Life

8 hours

IKE Life Time

1 hour

NETBIOS

Enabled

Note:

NETGEAR publishes additional interoperability scenarios with various gateway

and client software products. Look on the NETGEAR web site at

www.netgear.com

for these interoperability scenarios.