VPN – Advanced Settings
Advanced settings for a VPN tunnel is used when one need change some characteristics of the tunnel when using for example trying to connect to a third party VPN Gateway. The different settings to set per tunnel is the following:
Limit MTU
Whit this setting it’s possible to limit the MTU (Max Transferable Unit) of the VPN tunnel.
IKE Mode
Specify if Main mode IKE or Aggressive Mode IKE should be used when establishing outbound VPN Tunnels. Inbound main mode connections will always be allowed. Inbound aggressive mode connections will only be allowed if this setting is set to aggressive mode.
IKE DH Group
Here it’s possible to configure the
PFS – Perfect Forward Secrecy
If PFS, Perfect Forwarding Secrecy, is enabled, a new
NAT Traversal
Here it’s possible to configure how the NAT Traversal code should behave.
Disabled - The firewall does not send the Vendor ID's that include
On if supported and need NAT - Will only use
On if supported - Always tries to use
Keepalives
No keepalives –
Automatic keepalives - The firewall will send ICMP pings to IP Addresses automatically discovered from the VPN Tunnel settings.
Manually configured IP addresses - Configure the source and destination IP addresses used when sending the ICMP pings