Gateway DPC3925, EPC3925 Section Field Description Key, Auto IKE, Manual

Page 60

Configure Security

 

 

 

 

Section

Field Description

 

 

Key

Select one of the following options for the key exchange method:

 

(continued)Management

Auto (IKE)

 

 

 

Encryption: The Encryption method determines the length of the key used

 

 

 

to encrypt/decrypt ESP packets. Notice that both sides must use the same

 

 

 

method.

 

 

 

Authentication: The Authentication method authenticates the

 

 

 

Encapsulating Security Payload (ESP) packets. Select MD5 or SHA. Notice

 

 

 

that both sides (VPN endpoints) must use the same method.

 

 

 

MD5: A one-way hashing algorithm that produces a 128-bit digest

 

 

 

SHA: A one-way hashing algorithm that produces a 160-bit digest

 

 

 

Perfect Forward Secrecy (PFS): If PFS is enabled, IKE Phase 2 negotiation

 

 

 

will generate new key material for IP traffic encryption and authentication.

 

 

 

Note that both sides must have PFS enabled.

 

 

 

Pre-Shared Key: IKE uses the Pre-Shared Key to authenticate the remote

 

 

 

IKE peer. Both character and hexadecimal values are acceptable in this

 

 

 

field, e.g., "My_@123" or "0x4d795f40313233". Note that both sides must use

 

 

 

the same Pre-Shared Key.

 

 

 

Key Lifetime: This field specifies the lifetime of the IKE generated key. If

 

 

 

the time expires, a new key will be renegotiated automatically. The Key

 

 

 

Lifetime may range from 300 to 100,000,000 seconds. The default lifetime is

 

 

 

3600 seconds.

 

 

Manual

 

 

 

Encryption: The Encryption method determines the length of the key used

 

 

 

to encrypt/decrypt ESP packets. Notice that both sides must use the same

 

 

 

method.

 

 

 

Encryption Key: This field specifies a key used to encrypt and decrypt IP

 

 

 

traffic. Both character and hexadecimal values are acceptable in this field.

 

 

 

Note that both sides must use the same Encryption Key.

 

 

 

Authentication: The Authentication method authenticates the

 

 

 

Encapsulating Security Payload (ESP) packets. Select MD5 or SHA. Notice

 

 

 

that both sides (VPN endpoints) must use the same method.

 

 

 

MD5: A one-way hashing algorithm that produces a 128-bit digest

 

 

 

SHA: A one-way hashing algorithm that produces a 160-bit digest

 

 

 

Authentication Key: This field specifies a key used to authenticate IP

 

 

 

traffic. Both character and hexadecimal values are acceptable in this field.

 

 

 

Note that both sides must use the same Authentication Key.

 

 

 

Inbound SPI/Outbound SPI: The Security Parameter Index (SPI) is carried

 

 

 

in the ESP header. This enables the receiver to select the SA, under which a

 

 

 

packet should be processed. The SPI is a 32-bit value. Both decimal and

 

 

 

hexadecimal values are acceptable. e.g., "987654321" or "0x3ade68b1". Each

 

 

 

tunnel must have a unique Inbound SPI and Outbound SPI. No two tunnels

 

 

 

share the same SPI. Note that the Inbound SPI must match the remote

 

 

 

gateway's Outbound SPI, and vice versa.

 

 

 

 

 

60

 

 

4021192 Rev A

Page 59 Page 61
Image 60
Page 59 Page 61
Contents Important Safety Instructions This DocumentImportant Safety Instructions Mitteilung für CATV-Techniker Aviso a los instaladores de sistemas CatvPower Source Warning Ground the ProductVerify the Power Source from the On/Off Power Light Protect the Product from LightningCheck Product Safety Protect the Product When Moving ItTelephone Equipment Notice Declaration of Conformity Canada EMI RegulationDynamic Frequency Selection DFS Dual Band Frequencies Radiation Exposure Statements CanadaAustralia CE Compliance National Restrictions France Italy LatviaAntennas Benefits and Features IntroductionIntroduction Whats In the Carton? Front Panel Description Back Panel Description Back Panel Description What Are the System Requirements for Internet Service? Minimum System Requirements for a PCMinimum System Requirements for Macintosh System Requirements for an Ethernet ConnectionDo Not Have a High-Speed Internet Access Account Already Have an Existing High-Speed Internet Access Account Want to Use the Application Server for Telephone ServiceRev a How Do I Mount the Modem on a Wall? Optional Before You BeginLocation and Dimensions of the Wall-Mounting Slots Mounting the Residential Gateway on a Wall What Are the Requirements for Telephone Service? Telephone Wiring RequirementsNumber of Telephone Devices Telephone Device TypesConnecting and Installing Internet Devices To connect devicesRev a Rev a How Do I Configure My Docsis Residential Gateway? Logging in to the Gateway for the First TimeHow Do I Configure My Docsis Residential Gateway? Setup Quick Setup Configuring Quick Settings Wlan Setup Lan Setup Configuring Your Network SettingsLAN Dhcp  Connected Devices Summary Pre-assigned Dhcp IP Addresses Starting IP AddressSetup Ddns Disabling Ddns Factory Default Settings DdnsConfigure Wireless Settings Wireless Basic SettingsWi-Fi Protected Setup WPS Section Field Description Basic Settings Wi-Fi Protected Setup ConfigurationWPS Push Button Setup Option WPS Setup Using the Gateway PIN Option Section Field Description Basic Settings Wireless Network Wireless ConfigurationNetwork Mode Only, B/G Mixed, B/G/N Mixed factory defaultWireless Wireless Security Section Field Description Wireless Network Name SsidBssid Broadcast SsidWireless Security Page Description Section Field Description Wireless Wireless Security ModeWEP Field DescriptionsWPA Security for Personal Networks WPA or WPA2 Personal ModesConfigure Wireless Settings Wireless MAC Filter Wireless MAC Filter Page DescriptionWireless Advanced Settings Section Field Description Access Access RestrictionMAC Address Filter List Wireless Advanced Settings Page Description CTS Protection Mode Beacon IntervalSection Field Description Dtim Interval Fragmentation ThresholdRTS Threshold Wireless WDS Settings Wireless WDS Settings Page DescriptionWDS Wireless QoS Wireless QoS Page DescriptionDisable Enable Section Field Description No ACKConfigure Security Security FirewallSection Field Description Firewall SPI Firewall Protection Block IP Flood Detection checked factory default Section Field Description Filters Filter ProxyBlock Pop-Up Windows Block Web Page CookiesDisable Pptp Passthrough Security VPN PassthroughVPN IPSec Passthrough Security VPN Security VPN Tunnel Page Description Section Field Description Remote FqdnKey Management Key Exchange Method Section Field Description Key Auto IKEManual Advanced Settings Phase 1 Operation ModeSection Field Description Status Connected or DisconnectedView Log Control Access to the Gateway Access Restrictions IP Address FilteringAccess Restrictions MAC Address Filtering Function Keys Access Restrictions Basic Rules Parental Control check box and click Apply Add RuleRemove Rule Keyword ListBlock Access to Websites Section Field Description Override the PasswordRe-Enter Password Access DurationAccess Restrictions Time of Day Rules Access Restrictions Time of Day Rules Page DescriptionAccess Restrictions User Setup Access Restrictions User Setup Page Description Access Restrictions Local Log Section Field Description Inactivity TimeConfigure Applications and Gaming OverviewApplications & Gaming Port Filtering Applications and Gaming Port Filtering Page DescriptionApplications & Gaming Port Range Forwarding TCPUDP Applications and Gaming Port Range Forward Page Description Section Field Description Port Range Forwarding StartEnd IP AddressApplications & Gaming Port Range Triggering Forwarded Range Start PortApplications & Gaming DMZ Section Field Description End PortApplications and Gaming DMZ Page Description DMZDMZ Hosting Select the desired optionAdministration Management Administration Management Page DescriptionManage the Gateway WAN MTU Field Description Remote Access Remote Management Management PortUPnP IgmpAdministration Reporting Section Field Description Reporting Mail AlertsSmtp Mail Server Mail Address for Alert LogsView Log Administration Diagnostics Administration Backup & Restore Administration Factory Defaults Restore Factory DefaultsMonitor Gateway Status Status GatewayMAC Address CM MAC Address Current TimeStatus Local Network Section Field Description Internet Connection IP AddressDNS1-3 WinsEnd IP Address Status Wireless Status Wireless Page Description Network Name SsidWide Channel SecurityStatus Docsis WAN Docsis WAN Page DescriptionMonitor Gateway Status Frequently Asked Questions How Do I Configure TCP/IP Protocol?How Do I Renew the IP Address on My PC? How do I arrange for installation? Renewing the IP Address on Windows NT, 2000, or XP SystemsWhat if I dont subscribe to cable TV? Common Troubleshooting Issues Dont understand the front panel status indicatorsHow does the residential gateway connect to my computer? Can I watch TV and surf the Internet at the same time?Tips for Improved Performance Check and CorrectFront Panel LED Status Indicator Functions Step100 Rev a Normal Operations AC Power applied Front Panel LED Status Indicators During Normal ConditionsFront Panel LED Status Indicators During Special Conditions Special ConditionsTrademarks DisclaimerDocumentation Copyright Notice Software and Firmware UseCustomer Service For InformationIf You Have Questions Region Assistance Centers Telephone and Fax Numbers
Top Page Image Contents