Use manual policy to configure vpn tunnels, Use manual, Policy to configure vpn tunnels – On Networks N300RM User Manual User Manual

Virtual Private Networking

91

N300 WiFi ADSL2+ Modem Router (N300RM)

•

Enable IPSec PFS (Perfect Forward Secrecy)

. If this check box is selected, security is

enhanced by ensuring that the key is changed at regular intervals. Also, even if one key
is broken, subsequent keys are no easier to break. (Each key has no relationship to the
previous key.)

This setting applies to both IKE and IPSec SAs. When configuring the remote endpoint to
match this setting, you might have to specify the key group used. For this device, the key
group is the same as the DH Group setting in the IKE section.

Use Manual Policy to Configure VPN Tunnels

As an alternative to IKE, you can use manual keying, in which you need to specify each

phase of the connection. A manual VPN policy requires all settings for the VPN tunnel to be
manually input at each end (both VPN endpoints).



To create a policy manually:

1.

Select Advanced VPN Policies.

2.

On the VPN Policy screen, click the Add Manual Policy radio button.

The following sections explain the fields in the VPN Manual Policy screen.

VPN Manual Policy General Settings

The VPN tunnel network connection fields are as follows.

•

Policy Name

. Enter a unique name to identify this policy. This name is not supplied to

the remote VPN endpoint. It is used only to help you manage the policies.

•

Remote VPN Endpoint

. The remote VPN endpoint has to have this VPN gateway’s

address entered as its remote VPN endpoint.