Asus SL1000 User Manual

Page 105

Advertising
background image

Internet Security Router User

’s Manual

Chapter 10. Configuring VPN

89

Options

Description

Xauth (aggressive
mode only)

Xauth is a user ID and password based authentication. This option is
available only when aggressive mode is selected.

Preshared Key

Enter the shared secret (this should match the secret key at the other end).

IKE Encryption /
Authentication

Select the IKE authentication and encryption from the drop-down list.

All
3DES & SHA1-DH2
3DES & MD5-DH2
DES & SHA1-DH2
DES & MD5-DH2
3DES & SHA1-DH1
DES & MD5-DH1
DES & SHA1-DH1
DES & MD5-DH1
3DES & SHA1-DH5
3DES & MD5-DH5
DES & SHA1-DH5
DES & MD5-DH5

Note: It is recommended that you choose All to have all the IKE proposals
associated with the current tunnel and allow IKE to automatically select one
(among the set of IKE proposals) to communicate with its peer. However, if
a specific proposal is required, then it can be chosen from the list.

Life Time

Enter the IKE security association life time in seconds, minutes, hours or
days.

IPSec Proposal Settings

IPSec Encryption /
Authentication

Select one of the following pre-configured IKE proposals from the drop-
down list. If

“All” is selected, all the pre-configured proposals will be

associated with existing tunnel and one (among the set of IPSec proposals)
will be selected automatically and used by IPSec to communicate with its
peer.

All
Strong Encryption & Authentication (ESP 3DES HMAC SHA1)
Strong Encryption & Authentication (ESP 3DES HMAC MD5)
Encryption & Authentication (ESP DES HMAC SHA1)
Encryption & Authentication (ESP DES HMAC MD5)
Authentication (AH SHA1)
Authentication (AH MD5)
Strong Encryption (ESP 3DES)
Encryption (ESP DES)
Authentication (ESP SHA1)
Authentication (ESP MD5)

Chained
Encryption /
Authentication

You can add additional security to the VPN tunnel by using both ESP and
AH protocols together (also called chained encryption/authentication). The
only combination supported is ESP encapsulated by AH. To turn on this
functionality, first select ESP IPSec proposal from the IPSec
Encryption/Authentication drop-down list and then click on either the AH
SHA-1 or AH MD-5 radio button in the Chained Encryption / Authentication
field.

Operation Mode

Click the radio button to select Tunnel or Transport mode.

Advertising
Popular Brands
Popular manuals