HotBrick VPN 800 manual Key Management

HotBrick Network Solutions

Key Management

Key Type: There are two key types (manual key and auto key) available for key exchange management.

Manual Key: If manual key is selected, no key negotiation is needed.

Encryption Key – This field specifies the key used to encrypt and decrypt IP traffic.

Authentication Key – This field specifies the key used to authenticate IP traffic.

Inbound/Outbound SPI (Security Parameter Index) – The SPI is carried in the ESP header. Each tunnel must have a unique inbound and outbound SPI, and no two tunnels may share the same SPI. Note that the inbound SPI must match the other router’s outbound SPI.
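The SPI rules above can be checked before a manual-key configuration is entered on both routers. The following is an added example, not part of the HotBrick manual or firmware: the `ManualTunnel` record, tunnel names and SPI values are constructed for illustration, and the reserved-range check comes from RFC 4303 (SPI 0 is reserved for local use and 1-255 are reserved by IANA), not from this guide.

```python
from dataclasses import dataclass

# RFC 4303: the SPI is a 32-bit value; 0 and 1-255 are reserved.
SPI_MIN, SPI_MAX = 256, 0xFFFFFFFF


@dataclass(frozen=True)
class ManualTunnel:
    name: str          # hypothetical tunnel label
    inbound_spi: int
    outbound_spi: int


def check_local(tunnels):
    """Findings for one router: SPI range, and no SPI shared between tunnels."""
    findings, owner = [], {}   # owner maps SPI -> tunnel that first used it
    for t in tunnels:
        for direction, spi in (("inbound", t.inbound_spi),
                               ("outbound", t.outbound_spi)):
            where = f"{t.name}/{direction}"
            if not SPI_MIN <= spi <= SPI_MAX:
                findings.append(f"{where}: SPI {spi:#x} is in a reserved or invalid range")
            if owner.setdefault(spi, t.name) != t.name:
                findings.append(f"{where}: SPI {spi:#x} also used by tunnel {owner[spi]}")
    return findings


def check_pair(local, remote):
    """Each end's inbound SPI must equal the other end's outbound SPI."""
    findings = []
    if local.inbound_spi != remote.outbound_spi:
        findings.append(f"{local.name}: inbound {local.inbound_spi:#x} "
                        f"!= peer outbound {remote.outbound_spi:#x}")
    if local.outbound_spi != remote.inbound_spi:
        findings.append(f"{local.name}: outbound {local.outbound_spi:#x} "
                        f"!= peer inbound {remote.inbound_spi:#x}")
    return findings


# Constructed sample configuration (not taken from a real device).
SITE_A = [
    ManualTunnel("branch1", 0x1001, 0x2001),
    ManualTunnel("branch2", 0x1002, 0x2001),   # reuses branch1's outbound SPI
    ManualTunnel("lab", 0x80, 0x3001),         # inbound SPI in reserved range
]
PEER_OK = ManualTunnel("hq", 0x2001, 0x1001)   # mirror of branch1
PEER_BAD = ManualTunnel("hq", 0x2001, 0x1111)  # outbound does not match

if __name__ == "__main__":
    for line in check_local(SITE_A) + check_pair(SITE_A[0], PEER_BAD):
        print(line)
```
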

AutoKey (IKE) – Two operation modes can be used.

Main mode accomplishes a phase one IKE exchange by establishing a secure channel. Aggressive Mode is another way of accomplishing a phase one exchange. It is faster and simpler than main mode, but does not provide identity protection for the negotiating nodes.

Perfect Forward Secrecy (PFS) – If PFS is enabled, IKE phase 2 negotiation will generate new key material for IP traffic encryption and authentication.

Preshared Key – This field is used to authenticate the remote IKE peer.

Key Lifetime – This specifies the lifetime of the IKE-generated key. If the time expires or the data passed exceeds this volume, a new key will be renegotiated. By default, 0 means no limit.
