Motorola SVG1501UE, SVG1501E manual Phase 1 DH group, Phase 1 encryption, Phase 1 authentication

Page 72

 

 

B

 

 

 

 

Field

Description

 

 

 

 

Phase 1 DH group

Select one of the Diffie-Hellman groups: 768 bits, 1024 bits, or

 

 

1536 bits.

 

 

Diffie-Hellman is a cryptographic technique that uses public

 

 

and private keys for encryption and decryption. The higher the

 

 

number of bits, the more secure the encryption. Options:

 

 

Group 1 (768 bits), Group 2 (1024 bits), or Group 5 (1536 bits).

 

 

 

 

Phase 1 encryption

Secure the VPN connection between endpoints: DES, 3DES,

 

 

AES-128, AES-192, or AES-256.

 

 

Select any encryption but make the far endpoints match.

 

 

Common encryption settings are 3DES and AES.

 

 

 

 

Phase 1 authentication

Set Authentication, another level of security, to SHA or MD5

 

 

Motorola recommends SHA because it is more secure but you

 

 

can use either authentication provided the other end of the

 

 

VPN tunnel uses the same method.

 

 

 

 

Phase 1 SA lifetime

Specify the lifetime of individual rotating keys.

 

 

Enter the number of seconds for the key to last until a re-key

 

 

negotiation between each endpoint is negotiated. The default

 

 

setting is 28,800 seconds.

 

 

A smaller lifetime is generally more secure, since it would give

 

 

an attacker a smaller amount of time to try to crack the key,

 

 

however key negotiation takes up bandwidth, so network

 

 

throughput is sacrificed with small lifetimes. Entries are

 

 

typically in the thousands or tens of thousands of seconds.

 

 

 

10 • VPN Pages

62

Image 72
Contents Motorola SURFboard Page Safety and Regulatory Information Important Safety InstructionsCaring for the Environment by Recycling Recycling your Motorola EquipmentImportant Voip Service Information FCC Interference StatementIndustry Canada IC Statement FCC Radiation Exposure StatementInternational Declaration of Conformity Table of Contents Wireless Pages Basic PagesAdvanced Pages Firewall PagesTroubleshooting VPN PagesMTA Pages Software LicenseStandard Features 1OverviewContact Information Wireless LAN SVG1501 LAN ChoicesUSB Connection SVG1501U Only Sample Wireless Network Connections SVG1501U model shown Wired Ethernet LAN Sample Ethernet to Computer Connection SVG1501U model shownFront Panel Reset Rear PanelTEL1/2 USBMAC Label CableGetting Started Inside the BoxCD-ROM Signing Up for Service BeforeYou BeginSystem Requirements Connecting the SVG1501 Connecting the SVG1501U SVG1501 LED Activity During StartupWall Mounting the SVG1501 Print a copy of the Wall Mounting Template Wall Mounting Template Wall Mounting TemplateSetting Up Internet Access Configuring TCP/IP in Windows XPConfiguring TCP/IP in Windows Vista Open the Control PanelClick All Programs Click Accessories Verifying the IP Address in Windows XPVerifying the IP Address in Windows Vista Setting Up a Wi-Fi Network Renewing Your IP AddressBasic Configuration Starting the SVG1501 Configuration Manager CmgrConfiguration Manager Menu Options Bar SVG1501 Menu Options BarStatus BasicExiting the SVG1501 Configuration Manager Getting HelpVPN MTAStatus Pages Status SoftwareStatus Connection Changing the SVG1501 Default Password Restoring Factory DefaultsStatus Security Status Diagnostics Testing Network Connectivity with the SVG1501Ping Utility Traceroute Utility Status Event Log Basic Setup Field Descriptions for the Basic SetupNapt mode Basic PagesBasic Dhcp LANWAN Field Descriptions for the Basic Dhcp Basic Ddns Field Descriptions for Basic DdnsBasic Backup Restoring Your SVG1501 ConfigurationBacking Up Your SVG1501 Configuration Advanced Pages Advanced OptionsField Descriptions for the Advanced Options WAN BlockingRemote Config Management Http//WanIPAddress8080/ to access the SVG1501Multicast Enable UPnP EnableEnabled Advanced IP FilteringField Descriptions for the Advanced IP Filtering Start AddressSetting a MAC Address Filter Advanced MAC FilteringField Descriptions for the Advanced MAC Filtering Click Add MAC AddressAdvanced Port Filtering Advanced Port ForwardingField Descriptions for the Advanced Port Filtering Advanced Pages Advanced Port Triggers Field Descriptions for the Advanced Port TriggersAdvanced Routing Information Protocol Setup Setting Up the DMZ HostAdvanced DMZ Host Field Descriptions for the Advanced RIP Setup Firewall Web Content Filter Firewall PagesFirewall Local Log Firewall Remote LogField Description for the Firewall Remote Log Permitted ConnectionsProduct Configuration Events Known Internet AttacksTo SysLog server at Parental Control User Setup Parental Control PagesField Descriptions for the Parental Control User Setup Parental Control Basic Setup Parental Control Time of Day Filter Parental Control Local LogWireless Pages Wireless 802.11 RadioField Descriptions for the Wireless 802.11 Radio Wireless 802.11 Primary Network Field Descriptions for the Wireless 802.11 Primary NetworkShared Key Authentication 802.1x AuthenticationWPA Pre-Shared Key Show KeyWireless 802.11 Advanced Field Descriptions for the Wireless 802.11 AdvancedAfterburner Technology RateBeacon Interval Dtim IntervalWireless 802.11 Access Control Field Descriptions for the Wireless 802.11 Access ControlWireless Interface MAC Restrict ModeWireless 802.11 Wi-Fi Multimedia Field Descriptions for the Wireless 802.11 Wi-Fi MultimediaWireless 802.11 Bridging Field Descriptions for the Wireless 802.11 BridgingWireless Bridging Remote BridgesSetting UpYour Wireless LAN Encrypting Wireless LAN TransmissionsEncrypting Wireless LAN Transmissions Otherwise, configure WEP on the SVG1501Installing Wireless Clients Configuring Wireless ClientsConfigured the Wireless Network Name on the SVG1501 Installing a Wireless Client for WPA Configuring a Wireless Client for WEPConfiguring a Wireless Client with the Network Name Ssid VPN Pages VPN BasicVPN IPsec Enable drop-down Local Endpoint SettingsName Address group typeRemote Endpoint Settings IPsec SettingsNetwork address type Remote AddressPhase 1 DH group Phase 1 encryptionPhase 1 authentication Phase 1 SA lifetimeVPN L2TP/PPTP VPN Event Log MTA Pages MTA StatusMTA Dhcp MTA QoS MTA Provisioning MTA Event Log Troubleshooting SolutionsTroubleshooting Solutions Power light is offFront-Panel LEDs and Error Conditions Front-Panel LEDs and Error ConditionsWireless clients cannot send or receive data Slow wireless transmission speed with WPA enabledSoftware License Software LicenseGovernment Restricted Rights Motorola, Inc Tournament Drive Horsham, PA 19044 U.S.A