Prestige 334 User’s Guide
Chapter 34 VPN/IPSec Setup
316
Local Addr
Start
When the
Addr Type
field in
Menu 27.1.1 IPSec Setup
is configured to
Single
, this is a
static IP address on the LAN behind your Prestige.
When the
Addr Type
field in
Menu 27.1.1 IPSec Setup
is configured to
Range
, this is
the beginning (static) IP address, in a range of computers on the LAN behind your Pres-
tige.
When the
Addr Type
field in
Menu 27.1.1 IPSec Setup
is configured to
SUBNET
, this
is a static IP address on the LAN behind your Prestige.
Local Addr
End
When the
Addr Type
field in
Menu 27.1.1 IPSec Setup
is configured to
Single
, this is
the same (static) IP address as in the
Local Addr Start
field.
When the
Addr Type
field in
Menu 27.1.1 IPSec Setup
is configured to
Range
, this is
the end (static) IP address, in a range of computers on the LAN behind your Prestige.
When the
Addr Type
field in
Menu 27.1.1 IPSec Setup
is configured to
SUBNET
, this
is a subnet mask on the LAN behind your Prestige.
Encap
This field displays
Tunnel
mode
or
Transport
mode. See earlier for a discussion of
these. You need to finish configuring the VPN policy in menu 27.1.1.1 or 27.1.1.2 if
???
is displayed.
IPSec
Algorithm
This field displays the security protocols used for an SA.
ESP
provides confidentiality
and integrity of data by encrypting the data and encapsulating it into IP packets. Encryp-
tion methods include 56-bit
DES
and 168-bit
3DES
.
NULL
denotes a tunnel without
encryption.
AH
(Authentication Header) provides strong integrity and authentication by adding
authentication information to IP packets. This authentication information is calculated
using header and payload data in the IP packet. This provides an additional level of
security.
AH
choices are
MD5
(default - 128 bits) and
SHA -1
(160 bits)
.
Both
AH
and
ESP
increase the Prestige’s processing requirements and communica-
tions latency (delay).
You need to finish configuring the VPN policy in menu 27.1.1.1 or 27.1.1.2 if
???
is
displayed.
Key Mgt
This field displays the SA’s type of key management, (
IKE
or
Manual
).
Remote Addr
Start
When the
Addr Type
field in
Menu 27.1.1 IPSec Setup
is configured to
Single
, this is a
static IP address on the network behind the remote IPSec router.
When the
Addr Type
field in
Menu 27.1.1 IPSec Setup
is configured to
Range
, this is
the beginning (static) IP address, in a range of computers on the network behind the
remote IPSec router.
When the
Addr Type
field in
Menu 27.1.1 IPSec Setup
is configured to
SUBNET
, this
is a static IP address on the network behind the remote IPSec router.
This field displays
N/A
when you configure the
Secure Gateway Addr
field in SMT
27.1.1 to 0.0.0.0.
Table 104
Menu 27.1 IPSec Summary
FIELD
DESCRIPTION