Netopia 6.3 User Manual
Page 75
75
Section 4
Configure
Peer Internal IP NetmaskThe Peer Internal IP Netmask is the subnet mask of the Peer Internal IP Network.
PFS DH Group
Perfect Forward Secrecy (PFS) is used during SA renegotiation. When PFS is
selected, a Diffie-Hellman key exchange is required. SafeHarbour supports PFS DH
Groups 1, 2 and 5.
Pre-Shared Key
The Pre-Shared Key is a parameter used for authenticating each side. The value
can be an ASCII or Hex and a maximum of 64 characters. ASCII is case-sensitive.
Pre-Shared Key Type
The Pre-Shared Key Type classifies the Pre-Shared Key. SafeHarbour supports
ASCII or HEX types
Name
The Name parameter refers to the name of the configured tunnel. This is mainly
used as an identifier for the administrator. The Name parameter is an ASCII value
and is limited to 31characters. The tunnel name is the only IPSec parameter that
does not need to match the peer gateway.
Negotiation Method
This parameter refers to the method used during the Phase I key exchange, or IKE
process. SafeHarbour supports Main or Aggressive Mode. Main mode requires 3
two-way message exchanges while Aggressive mode only requires 3 total mes-
sage exchanges.
SA Encrypt Type
SA Encryption Type refers to the symmetric encryption type. This encryption algo-
rithm will be used to encrypt each data packet. SA Encryption Type values sup-
ported include DES, 3DES, CAST and Blowfish.
SA Hash Type
SA Hash Type refers to the Authentication Hash algorithm used during SA negoti-
ation. Values supported include MD5 and SHA1. N/A will display if NONE is cho-
sen for Auth Protocol.
Soft MBytes
Setting the Soft MBytes parameter forces the renegotiation of the IPSec Security
Associations (SAs) at the configured Soft MByte value. The value can be config-
ured between 1 and 1,000,000 MB and refers to data traffic passed. If this value is
not achieved, the Hard MBytes parameter is enforced.
Soft Seconds
Setting the Soft Seconds parameter forces the renegotiation of the IPSec Security
Associations (SAs) at the configured Soft Seconds value. The value can be config-
ured between 60 and 1,000,000 seconds.