Netopia 2200 User Manual

Page 137

Advertising
background image

137

Security

PAT Address

If NAT is enabled, this field appears. You can specify a Por t Address Trans-
lation (PAT) address or leave the default all-zeroes (if Xauth is enabled). If
you leave the default. the address will be requested from the remote router
and dynamically applied to the Gateway.

Negotiation
Method

This parameter refers to the method used during the Phase I key
exchange, or IKE process. SafeHarbour suppor ts Main or Aggressive
Mode. Main mode requires 3 two-way message exchanges while Aggres-
sive mode only requires 3 total message exchanges.

Local ID type

If Aggressive mode is selected as the Negotiation Method, this option
appears. Selection options are: IP Address, Subnet, Hostname, ASCII

Local ID Address/
Value

If Aggressive mode is selected as the Negotiation Method, this field
appears. This is the local (Gateway-side) IP address (or Name Value, if Sub-
net or Hostname are selected as the Local ID Type).

Local ID Mask

If Aggressive mode is selected as the Negotiation Method, and Subnet as
the Local ID Type, this field appears. This is the local (Gateway-side) sub-
net mask.

Remote ID Type

If Aggressive mode is selected as the Negotiation Method, this option
appears. Selection options are: IP Address, Subnet, Hostname, ASCII.

Remote ID
Address/Value

If Aggressive mode is selected as the Negotiation Method, this field
appears. This is the remote (central-office-side) IP address (or Name Value,
if Subnet or Hostname are selected as the Local ID Type).

Remote ID Mask

If Aggressive mode is selected as the Negotiation Method, and Subnet as
the Remote ID Type, this field appears. This is the remote (central-office-
side) subnet mask.

Pre-Shared Key
Type

The Pre-Shared Key Type classifies the Pre-Shared Key. SafeHarbour sup-
por ts ASCII or HEX types

Pre-Shared Key

The Pre-Shared Key is a parameter used for authenticating each side. The
value can be ASCII or Hex and a maximum of 64 characters. ASCII is case-
sensitive.

DH Group

Diffie-Hellman is a public key algorithm used between two systems to
determine and deliver secret keys used for encr yption. Groups 1, 2 and 5
are suppor ted.

PFS Enable

Per fect For ward Secrecy (PFS) is used during SA renegotiation. When PFS
is selected, a Diffie-Hellman key exchange is required. If enabled, the PFS
DH group follows the IKE phase 1 DH group.

SA Encrypt Type

SA Encr yption Type refers to the symmetric encr yption type. This encr yp-
tion algorithm will be used to encr ypt each data packet. SA Encr yption
Type values suppor ted include DES and 3DES.

Table 3: IPSec Tunnel Details page parameters

Advertising
Popular Brands
Popular manuals