8 remote access, 2 vpn – Asus SL1000 User Manual

Internet Security Router User

’s Manual

Chapter 2 Getting to Know the Internet Security Router

7

„ Alerts sent to the administrator via e-mail.
„ Maintains at a minimum, log details such as, time of packet arrival, description of action taken by

Firewall and reason for action.

„ Supports the UNIX Syslog format.
„ Sends log report e-mails as scheduled by the network administrator or by default when the log file is

full.

„ All the messages are sent in the WELF format.
„ ICMP logging to show code and type.

2.4.1.8

Remote Access

The Internet Security Router Firewall allows the network administrator to segregate the user community into
Access Policies per group. A user can log in using the login page (Refer to

“User Login Process” on page 67).

After a user is authenticated successfully, the Internet Security Router Firewall dynamically activates the user-
group

’s set of access policies.

These policies will subsequently be enforced until the user logs out of the session or until inactivity timeout
period has lapsed.

2.4.2

VPN

The introduction of broadband Internet access at an affordable price has attracted a large number of users to
use the Internet for business. Large-scale use of a very open public network such as, the Internet comes with a
lot of advantages and associated risks. These risks include the lack of confidentiality of data being sent and the
authenticity of the identities of the parties involved in the exchange of data. The VPN supported in the Internet
Security Router is intended to resolve these issues at an affordable price.

The VPN supported by the Internet Security Router is IPSec compliant. Packets sent via VPN are encrypted to
maintain privacy. The encrypted packets are then tunneled through a public network. As a result, tunnel
participants enjoy the same security features and facilities that are available only to members of private
networks at a reduced cost.

The following table lists the VPN features supported by the Internet Security Router:

Table 2.4. VPN Features of the Internet Security Router

Features

Transport Mode for Client-Client Connectivity

Tunnel Mode for Network-Network Connectivity

IP Fragmentation and Reassembly

IPSec

Support

Hardware Encryption Algorithm

DES, 3DES

Hardware Authentication Algorithm MD5, SHA-1

Transforms

ESP, AH

Key Management

IKE (Pre-shared key), Manual

Mode configuration for IKE

Main Mode, Aggressive Mode, Quick
Mode

„ Site-to-Site VPN connection – Site-to-Site VPN connection is an alternative WAN infrastructure that is

used to connect branch offices, home offices, or business partners

’ sites to all or portions of a

company

’s network.