Configuring VPN
IPSec Policy
Services Ready Platform SRP 500 Series Administration Guide 122
7
Field Description
General
Policy Number The policy index that you are going to configure.
Policy Name A unique name for bringing up a tunnel.
Policy Type There are two types, Auto Policy and Manual Policy. The
Auto Policy type will use IKE protocol to negotiate
random keys, therefore it first requires an IKE policy as
well. The Manual Policy type will NOT use IKE, which is
more simple, but less secure.
Remote Endpoint The remote gateway that you are going to connect to
establish a IPSec VPN tunnel. Your choices are IP
Address, Any, or FQDN. The Any option will only appear
in Auto Policy and is available to increase security level
for roaming users. The FQDN option requires a Full
Qualified Domain Name. Ensure that the domain name
can be resolved into IP address by a correct DNS server
if the VPN tunnel can not be established.
Encryption
Algorithm
Encryption algorithm of IPSec SA. Choices are DES,
3DES, AES128, AES192, and AES256.
Integrity Algorithm Authentication algorithm for IPSec SA. Choices are MD5
and SHA1.
Auto Policy Parameters
PFS Perfect Forward Secrecy, if enabled, it can prevent a
new key from being predictable by previous one.
Pre Shared Key Used by IKE.
SA Lifetime IPSec SA life time in seconds.
Manual Policy Parameters
SPI Incoming A HEX value, range from 0x100 to 0xffffffff.
SPI Outgoing A HEX value, range from 0x100 to 0xffffffff.
Encryption
Algorithm Key
A HEX value, the length depends on the key type of
Encryption Algorithm above. For example, 3DES length
is 32.
To Next Page
Loading...
Need help?
General
