LevelOne WBR-3404TX user manual ∙VPN Settings Set IKE Proposal

Page 51

VPN Settings - Set IKE Proposal

IKE Proposal index

A list of selected proposal indexes from the IKE proposal pool listed below. The selecting activity is performed by selecting a proposal ID and clicking "add to" button in the bottom of the page. There are only four indexes can be chosen from the proposal pool for the dedicated tunnel. Remove button beside the index list can remove selected proposal index before.

Proposal name

It indicates which IKE proposal to be focused. First char of the name with 0x00 value stands for the IKE proposal is not available.

DH group

There are three groups can be selected: group 1 (MODP768), group 2 (MODP1024), group 5 (MODP1536).

Encryption algorithm

There are two algorithms can be selected: 3DES and DES.

Authentication algorithm

There are two algorithms can be selected: SHA1 and MD5.

Life time

The unit of life time is based on the value of Life Time Unit. If the value of unit is second, the value of life time represents the life time of dedicated VPN tunnel between both end gateways. Its value ranges from 300 seconds to 172,800 seconds. If the value of unit is KB, the value of life time represents the maximum allowable amount of transmitted packets through the dedicated VPN tunnel between both end gateways. Its value ranges from 20,480 KBs to 2,147,483,647 KBs.

Life time unit

There are two units can be selected: second and KB.

Proposal ID

The identifier of IKE proposal can be chosen for adding corresponding proposal to the dedicated tunnel. There are total ten proposals can be set in the proposal pool. At most only four proposals from the pool can be applied to the dedicated tunnel as shown in the proposal index list.

Function of Buttons

Add to button: Click it to add the chosen proposal indicated by proposal ID to IKE Proposal index list. The proposals in the index list will be used in phase 1 of IKE negotiation for getting the IKSAMP SA of dedicated tunnel.

51

Image 51
Contents LevelOne Trademarks CopyrightCE Declaration of Conformity FCC Interference StatementTable of Contents Firmware Upgrade Functions and Features DMZ Host supported Universal Plug and Play UPnP supportedVirtual Server supported User-Definable Application Sensing TunnelFront Panel Packing ListPanel Layout 802.1X supportedUSB Reset Procedure for Hardware Installation Decide where to place your Wireless Broadband RouterRear Panel Power on Setup LAN connectionSetup WAN connection Connecting this product with your printerInstall the Software into Your Computers Make Correct Network Settings of Your ComputerPage Page Page Start-up and Log Configuring LevelOne WBR-3404TXStatus Wizard Page Basic Setting Primary Setup WAN Type, Virtual Computers Press Change Dynamic IP Address Static IP AddressPptp PPP over EthernetPage Virtual Computers Press More Dhcp ServerPage Wireless Setting, and 802.1X setting Radius Shared Key 802.1XEncryption Key Length Radius ServerChange Password Forwarding Rules Virtual Server Special AP Non-standard FTP port UPnP SettingMiscellaneous Items IP Address of DMZ HostSecurity Settings Packet Filter Example Inbound FilterThey can do everything block nothing Others are all blocked Example Page Domain Filter Example URL Blocking URL Blocking EnablePage MAC Address Control Control table MAC AddressIP Address ∙ Method VPN setting∙ Max. number of tunnels item ∙ Tunnel name∙VPN Settings IKE Basic setup Local subnetFunction of Buttons Remote gateway Local netmaskRemote subnet Remote netmask∙VPN Settings Set IKE Proposal ∙VPN Settings -Set IPSec Proposal IPSec Proposal indexEncapsulation protocol IPSec proposal Remote Administrator Host/Port Administrator Time-outDiscard Ping from WAN side Advanced Setting Time Zone System TimeGet Date and Time by NTP Protocol Time ServerSmtp Server IP and Port Mail Alert EnableSystem Log IP Address for SyslogMail Subject Dynamic DNSExample Set Community Snmp SettingEnable Snmp Get CommunityPage Routing Table Page Toolbox You can View system log by clicking the View Log button Firmware Upgrade Backup Setting Reset to defaultReboot Domain Name or IP address for Ping Test MAC Address for Wake-on-LANPrint Server Configuring on Windows 95/98 PlatformsPage Page Configuring on Windows NT Platforms Configuring on Windows 2000 and XP Platforms Select Ports page, Click Add Port… Page Select Custom, then click Settings… Page Apply your settings Page Configuring on Unix based Platforms Install TCP/IP Protocol into Your PC Appendix a TCP/IP Configuration for Windows 95/98Set TCP/IP Protocol for Working with NAT Router Page Page Don’t input any value in the Gateway tab Choose Disable DNS in the DNS Configuration tab Page