Figure 54 IPSec Connection - Gateway to Gateway

If the remote Gateway has a LAN IP address of 192.168.1.1 and a subnet mask of 255.255.255.0 then the LAN IP address of the remote subnet is 192.168.1.0.

The Gateways must be configured with LAN IP address ranges that do not overlap.

Remote Subnet address — this is set to 255.255.255.0 by default.

Tunnel Shared Key — this is the password for the connection. It is a combination of letters, numbers and punctuation, and can be up to 64 characters in length.

If you are creating a Gateway to Gateway connection, you do not need to remember the Tunnel Shared Key once the tunnel is established, so the key does not have to be a memorable password.

Encryption type — choose the encryption type from DES or 3DES. 3DES is more secure but may take longer to encrypt and decrypt.

3DES is not shipped with the Gateway as standard due to international restrictions on encryption. If your country permits its use, it can be downloaded from the 3Com web site at http://www.3com.com/

Hash Algorithm — choose either SHA-1 or MD5 from the drop-down list. Both ends of the connection must use the same value.

Exchange keys using — choose the encryption method used to exchange shared keys. Diffie-Hellman Group 2 is more secure but less common than Diffie-Hellman Group 1.

Use Perfect Forward Secrecy — choose whether to use perfect forward secrecy. Using perfect forward secrecy will change the encryption keys during the course of a connection, making the tunnel more secure but slowing data transfer. To enable perfect forward secrecy, ensure that the Use Perfect Forward Secrecy box is checked. To keep the same key for the length of a connection, leave the box unchecked.
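The rules above (non-overlapping LAN ranges, a shared key of at most 64 characters, matching values at both ends) can be checked before the settings are typed into either Gateway. The following Python sketch is an added example, not part of the 3Com manual; the dictionary keys and sample values are constructed, and it assumes that the encryption type, key exchange group and PFS setting must match at both ends in the same way the manual states for the hash algorithm.

```python
import ipaddress

# Settings that must be identical on both ends. The manual states this for the
# hash algorithm; applying it to the other fields is an assumption.
MATCH_FIELDS = ("shared_key", "encryption", "hash", "dh_group", "pfs")


def lan_subnet(lan_ip, mask):
    """Subnet address of a Gateway's LAN, e.g. 192.168.1.1 -> 192.168.1.0/24."""
    return ipaddress.ip_network(f"{lan_ip}/{mask}", strict=False)


def check_tunnel(local, remote):
    """Return a list of problems found in a pair of Gateway settings."""
    problems = []
    a = lan_subnet(local["lan_ip"], local["lan_mask"])
    b = lan_subnet(remote["lan_ip"], remote["lan_mask"])
    if a.overlaps(b):  # also catches one range containing the other
        problems.append(f"LAN ranges overlap: {a} and {b}")
    for field in MATCH_FIELDS:
        if local[field] != remote[field]:
            problems.append(f"{field} differs between the two ends")
    if len(local["shared_key"]) > 64:
        problems.append("shared_key longer than 64 characters")
    return problems


# Constructed sample settings (hypothetical field names and values).
HEAD_OFFICE = {
    "lan_ip": "192.168.1.1", "lan_mask": "255.255.255.0",
    "shared_key": "k3y-f0r-t3st1ng-only!", "encryption": "3DES",
    "hash": "SHA-1", "dh_group": 2, "pfs": True,
}
BRANCH_OK = dict(HEAD_OFFICE, lan_ip="192.168.2.1")
# Same LAN range as the head office and a different hash: two problems.
BRANCH_BAD = dict(HEAD_OFFICE, hash="MD5")

if __name__ == "__main__":
    print(lan_subnet("192.168.1.1", "255.255.255.0"))
    for name, branch in (("ok", BRANCH_OK), ("bad", BRANCH_BAD)):
        print(name, check_tunnel(HEAD_OFFICE, branch) or "no problems")
```
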

Example: Setting up an IPSec connection between two Gateways.

Gateway One is located at the head office and is configured with the following settings:

Internet IP address: 172.27.34.202

LAN IP address: 192.168.1.1

LAN Subnet Mask: 255.255.255.0


3CR856-95 specifications

The 3Com 3CR856-95 is a versatile networking device designed to meet the demands of small to medium-sized businesses. As a part of the 3Com OfficeConnect series, the 3CR856-95 combines switching, routing, and security features into a compact, integrated solution that enhances network performance and reliability.

One of the main features of the 3CR856-95 is its ability to support multiple network configurations. It operates as a router and switch simultaneously, offering six Ethernet ports for wired connections, while also integrating wireless capabilities. This allows businesses to connect various devices seamlessly, including computers, printers, and smartphones, providing flexibility and convenience in a modern office environment.

The device incorporates advanced technologies such as Quality of Service (QoS) which prioritizes network traffic to ensure that bandwidth-intensive applications like video conferencing and VoIP run smoothly. This feature is essential for maintaining productivity and communication efficiency in busy office settings. Additionally, the 3CR856-95 supports both IPv4 and IPv6 protocols, making it a future-proof solution as businesses transition to the newer Internet Protocol standard.

Security is a critical consideration for any networking equipment, and the 3CR856-95 addresses this with robust measures. It includes a built-in firewall that protects the network from external threats, along with support for Virtual Private Networks (VPN), allowing secure remote access for employees working from off-site locations. Furthermore, the device supports WPA2 encryption for wireless connections, safeguarding sensitive data transmitted over the network.

Another important characteristic of the 3CR856-95 is its user-friendly interface, which simplifies the setup and management of the network. The device features a web-based management console that allows network administrators to easily configure settings, monitor traffic, and troubleshoot issues from any internet-connected device. This accessibility saves time and reduces the complexity often associated with network management.

In summary, the 3Com 3CR856-95 is a robust and feature-rich networking solution tailored for small to medium-sized businesses. With its combination of switching, routing, and security features, it provides a reliable platform for facilitating seamless communication and connectivity. Its support for advanced technologies and user-friendly management interface makes it a smart choice for organizations looking to enhance their network infrastructure.