XiNCOM XC-DPG503 manual IPSec Global Settings

Page 35

IPSec Global Settings

IPSec Global Setting

IP Global Setting

Enable

Enabling either WAN 1, WAN 2, or both will start the VPN global setting.

ISAkmp Port

Internet Security Association and Key Protocol Management (ISAkmp) is designed to negotiate, establish, modify, and delete security associations and their attributes. In particular, it was assigned UDP port 500 by the IANA.

Phase 1 DH Group

Use DH Group 1(768-bits),DH Group 2(1024-bits), Group 5 (1536-bits) to generate IPSec SA keys.

Phase 1 Encryption Method

There are three data encryption methods available, DES, 3DES, and AES.

Phase 1 Authentication Method

There are two authentication available. MD5 and SHA1 (Secure Hash Algorithm)

Phase 1 SA Life Time

By default the Security Association lifetime is set at 28800 Sec.

Maxtime to complete phase 1

The aim of phase 1 is to authenticate and establish a secure tunnel, which will protect further IKE negotiation. The maximum time default is 30 sec.

Maxtime to complete phase 2

Maximum time to establish the IPSec SAs. By default the maximum time is 30 sec.

Log Level

Select a VPN log level that you like to display on VPN log.

Planning the VPN

Consider these questions and setups when planning your VPN:

If the remote end is a LAN network, the two-endpoint network must have different LAN IP address ranges. If the remote endpoint is a single PC running a VPN client, its destination address must be a single IP address, with subnet mask of 255.255.255.255

Will you be using the Internet Key Exchange (IKE) setup or Manual Keying? For either method, you must specify each phase of the connection.

At least one side must have a fixed IP address. The other side with a dynamic IP address must always be the initiator of the connection.

What encryption level will you use? (DES/3DES - hardware encryption; AES - software encryption)

35

Page 34 Page 36
Image 35
Page 34 Page 36
Contents Twin WAN VPN Gateway Table of Contents QoS Configuration VPN Configuration Use TWO ISPs for expanded bandwidth and redundancy IntroductionFeatures Dhcp Server Support Easy SetupPassword Protected Configuration Http Firmware Upgrade and backupSystem Physical DetailsLED Action Condition Default SettingsOverview Procedure Basic SetupNo Response? Configuring the XC-DPG503 for your LANProcedure Configuring the XC-DPG503 for your LAN Installation Diagram for XC-DPG503 Connecting two broadband modemsAddress Info Configuring for Internet AccessSettings Primary Setup Connection Mode Connection TypeOverview Configure PCs on your LANTCP/IP Settings Internet AccessTo act as a Dhcp Client recommended For Apple ClientsFor Linux Clients Fixed IP AddressAdvanced Port Port Options Health Check Auto Dialup Bridge ModeLoad Balance Settings Load BalanceAdvanced PPPoE Settings Advanced PPPoEAdvanced Pptp Settings Advanced PptpAdvanced Setup Host IP Host IPVirtual Servers Settings Virtual ServerVirtual Servers Server List Settings Custom Virtual ServersCustom Virtual Servers Custom Virtual ServersSpecial Application Settings Special ApplicationsSpecial Applications Dynamic DNS To use the Dynamic DNS FeatureSettings Dynamic DNS Dynamic DNSPrivate IP Address Multi DMZ & UPnPFor Dynamic IP Select the desired WAN portSettings Advanced Features Advanced FeaturesAdvanced Features HTTP// Internet IP Address of the XC-DPG503 Using Remote Web-based SetupFirewall Exception Security ManagementBlock URL Access FilterSettings Block URL Settings Access FilterSession Limit Settings Session LimitSession Limit & Firewall Exception QoS Configuration VPN Configuration IPSec Global Setting IPSec Global SettingsVPN Policy Setup Policy SetupKey Management Trap Targets Management AssistantSystem Information Message Status Management AssistantSyslog Configuration To save the XC-DPG503 Configuration to a file Using the Tftp Utility RecommendedUpdating the Firmware Backup your configuration Restoring Saved Configuration Http Upgrade FirmwareUploading the Firmware To upload the firmware to the routerSystem Status Operation & StatusOperation & Status Existing Dhcp Server Advanced LAN ConfigurationStatic Routing Advanced LAN Configuration192.168.1.100 Configuring other Routers on you LAN192.168.2.0 255.255.255.0External Power Adapter DimensionsOperating Temperature Storage TemperatureUsing Specify an IP Address TCP/IP SettingsChecking TCP/IP Settings Windows 9x/ME Using DhcpUsing a fixed IP Address Use the following IP Address Checking TCP/IP Settings WindowsFigure G. Network Configuration Windows XP Checking TCP/IP Settings Windows XPOverview Troubleshooting

XC-DPG503 specifications

The XiNCOM XC-DPG503 is a versatile and advanced dual WAN VPN router designed to meet the demands of small to medium-sized businesses looking for robust internet connectivity and reliable security features. Its distinguishing characteristics make it an excellent choice for organizations requiring seamless redundancy and high-speed performance.

One of the most notable features of the XC-DPG503 is its dual WAN capability. This allows users to connect two different internet service providers simultaneously, ensuring uninterrupted connectivity. In case one connection fails, the router can automatically failover to the secondary WAN link, enhancing network reliability and uptime. This feature is particularly beneficial for businesses that cannot afford downtime due to internet connectivity issues.

The XC-DPG503 supports various VPN protocols, such as IPSec and PPTP, which enable secure remote access for employees and secure site-to-site connections. With built-in VPN support, users can establish encrypted connections over the public internet, allowing sensitive data to be transmitted safely. This level of security is essential for businesses handling confidential information.

Another characteristic of the XC-DPG503 is its comprehensive firewall capabilities, which protect the internal network from external threats. It includes features like Stateful Packet Inspection (SPI), Denial of Service (DoS) protection, and content filtering, helping to safeguard the network against various cyber threats.

Performance-wise, the XC-DPG503 comes equipped with a robust processor and ample memory, allowing it to handle multiple connections and data-intensive applications simultaneously without compromising speed and efficiency. With support for Gigabit Ethernet ports, it ensures high-speed LAN connectivity, accommodating the high bandwidth requirements of modern enterprises.

The router also features an easy-to-use web-based management interface. This user-friendly platform allows administrators to configure settings, monitor network performance, and manage security policies efficiently. Additionally, it supports remote management, enabling IT staff to oversee the network without being physically present.

Designed for scalability, the XiNCOM XC-DPG503 is an ideal solution for growing businesses. Its advanced features, security protocols, and dual WAN capability make it a reliable choice for organizations looking to maintain high levels of productivity while ensuring a secure networking environment. Overall, the XC-DPG503 stands out with its combination of performance, security, and ease of management, making it an invaluable asset for contemporary business networks.
Top Page Image Contents