3Com 3CR856-95 manual IPSec Connections using Remote User Access

Page 57

Depending on which Tunnel Type you have selected, choose from the following to edit or add the remaining fields:

■“IPSec Connections using Remote User Access” on page 57

■“IPSec Connections using Gateway to Gateway” on page 57

■“L2TP over IPSec Connections” on page 59

■“PPTP Connections” on page 60

IPSec Connections using Remote User Access

If you have selected IPSec as a Tunnel Type and Remote User Access as a Connection Type, enter the following values:

■Remote User ID — Enter the Remote User ID. This must be entered identically on the IPSec software installed on the client’s machine.

■Tunnel Shared Key — this is the password for the connection and is a combination of letters, numbers and punctuation and can be up to 64 characters in length.

Figure 53 IPSec Connection - Remote User Access

■Encryption type — choose the encryption type from DES or 3DES. 3DES is more secure but may take longer to encrypt and decrypt.

3DES is not shipped with the Gateway as standard due to international restrictions on encryption. If your country permits its use it can be downloaded from the 3Com web site at

http://www.3com.com/

■Exchange keys using — choose the encryption method used to exchange shared keys. Diffie-Hellman Group 2 is more secure but less common than Diffie-Hellman Group 1.

■Use Perfect Forward Secrecy — Choose whether to use perfect forward secrecy. Using perfect forward secrecy will change the encryption keys during the course of a connection making the tunnel more secure but slowing data transfer. To enable perfect forward secrecy ensure that the Use Perfect Forward Secrecy box is checked. To keep the same key for the length of a connection leave the box unchecked.

Click Apply to save your changes or Close to return without saving.

IPSec Connections using Gateway to Gateway

If you have selected IPSec as a Tunnel Type and Gateway to Gateway as a Connection Type, enter the following values:

■Remote IPSec Server Address — enter the Internet IP address or name of the remote gateway. (Figure 54).

■Remote Network address — enter the LAN IP address of the remote network. This is the first IP address of a subnet, one below the first address available for use.

57

Image 57

Contents Page United States Government Legend 3Com Corporation Bayfront Plaza Santa Clara, CaliforniaContents Troubleshooting Using DiscoveryIP Addressing End User Software Licence Agreement Safety InformationISP Information Index Regulatory NoticesPage Naming Convention About this GuideConventions Icon DescriptionRelated Documentation Feedback about this User GuideProduct Registration OfficeConnect Cable/DSL Secure Gateway Introducing the Officeconnect CABLE/DSL Secure GatewayCable/DSL Secure Gateway Advantages Example Network Using a Cable/DSL Secure GatewayMinimum System and Component Requirements Package ContentsFront Panel Power LED GreenAlert LED Orange Flashing slowly Two seconds on, two seconds offRear Panel Power Adapter socketCable/DSL Status LED Ethernet Cable/DSL portPage Before you Install your Gateway Installing the GatewayIntroduction Positioning the GatewayStatic PPPoEConnecting the Cable/DSL Secure Gateway Powering Up the GatewayPage Setting UP Your Computers Obtaining an IP Address AutomaticallyWindows 2000, XP Disabling PPPoE and Pptp Client Software Windows 95, 98, MEMacintosh OS 8.5 Internet Properties Disabling Web ProxyPage Accessing the Wizard Running the Setup WizardWelcome Screen Setting the PasswordTo set the Gateway to World Time UTC Setting the Time ZoneInternet Settings Auto-Configuration SettingsDynamic IP Address Mode Static IP ModeConnection, use the following procedure PPPoE ModePptp Screen Pptp ModeActivating Dhcp Choosing your LAN SettingsViewing the Summary Dhcp Server Setup ScreenPage Navigating Through the Gateway Configuration Pages Gateway ConfigurationMain Menu Option TabsWelcome Screen Password ScreenSetup Wizard LAN SettingsLAN IP Settings Changing the LAN SettingsChanging the Dhcp Server Settings Dhcp Clients Screen Dhcp Clients ListStatic IP Address DSL or Cable Internet SettingsConnection to ISP Screen Connection to ISPStatic Address Setup Screen Configuring a Static IP AddressDynamic Address Setup Screen Configuring a Dynamic IP AddressPPPoE Setup Screen Configuring a PPPoE connectionConfiguring a Pptp connection Setting up NATOne-to-Many and One-to-One NAT Setting up One-to-Many NATConfiguring the Firewall Setting up One-to-One NATVirtual Servers Menu Creating a Virtual DMZ Creating a Virtual ServerPC Privileges Virtual Servers Settings ScreenTo assign different access rights for different computers To use access control for all computersSpecial Applications Screen Special ApplicationsCreating Custom Special Applications Adding and Editing Special ApplicationsCustom Special Applications Setup Screen Advanced Advanced Settings ScreenConfiguring VPNs Setting the VPN ModeIPSec Configuration Address Pool for Pptp and L2TP clients field enter L2TP ConfigurationViewing VPN Connections Pptp ConfigurationAdding and Editing VPN Connections IPSec Connections using Gateway to Gateway IPSec Connections using Remote User AccessIPSec Connection Gateway to Gateway Connection Name field enter headsales L2TP over IPSec ConnectionsPptp Connections Editing IPSec RoutesRestart Accessing the System ToolsTime Zone Loading and Saving the Gateway ConfigurationUpgrading the Firmware of your Gateway Upgrade ScreenStatus Screen Viewing Status and LogsObtaining Support and Feedback for your Gateway Log Settings ScreenFeedback Screen Troubleshooting Browsing to the Gateway Configuration ScreensBasic Connection Checks Forgotten Password Connecting to the InternetHttp//192.168.1.1 Alert LEDDoes the Gateway support virtual private networks VPNs? Frequently Asked QuestionsUsing Discovery Windows Installation 95/98/2000/Me/NTRunning the Discovery Application Discovery Finish Screen Internet Protocol Suite IP AddressingIP Addresses and Subnet Masks Type OneDhcp Addressing How does a Device Obtain an IP Address and Subnet Mask?Static Addressing Type TwoAuto-IP Addressing Private IP AddressesPage Standards Technical SpecificationsSystem Requirements Cable SpecificationsEthernet Performance Operating SystemsSafety Information Important Safety InformationWichtige Sicherheitshinweise Consignes importantes de sécurité Page Page 3Com Corporation END User Software Licence AgreementPage Internet Characteristics Popular ISPs Connection Types ISP InformationInformation Regarding Popular ISPs Page Glossary Ethernet DSL modemEthernet Address Fast EthernetIPSec IP AddressL2TP over IPSec MAC AddressNetwork SwitchNetwork Interface Card NIC ProtocolWizard TrafficPage Numbers IndexIeee Ietf NAT Ping VPN Page FCC Statement Regulatory Notices100 Page DUA08569-5AAA02 Published November

Related manuals

Manual 2 pages 51.21 Kb