Local and Peer Settings, Mode | Compatible Systems 5.4 manual

Interoperability Settings Dialog Box

To access this dialog box, select VPN Port #/Interoperability Settings from the device view.

Mode

This pull-down menu set the IKE Phase 1 negotiation mode between the devices. Phase 1 controls how the two devices identify and authenticate each other so that tunnel sessions can be established.

Main and Aggressive are the two IPSec standard methods for performing the Phase 1 negotiation. This setting must match the Phase 1 negotiation mode of the remote peer. Other vendors may support only the Main mode.

Local and Peer Settings

As part of their interoperability function, the following settings specify access from one area behind a VPN device to another area behind a VPN device.

The Local settings specify what local subnets, hosts, ports and/or protocols will be reachable via the tunnel.

The Peer settings specify what remote subnets, hosts, ports and/or protocols will be reachable via the tunnel. The remote tunnel partner (i.e., peer) must have a matching policy in order for traffic to be successfully tunneled.

Image 110

Compatible Systems 5.4 manual Local and Peer Settings, Interoperability Settings Dialog Box, Mode

Contents

CompatiView 5.4 Reference Guide Page Installation and Overview Table of Contents Iii Table of Contents VPN Ports and LAN-to-LAN Tunnels TCP/IP Filtering 183 Ospf Installation and Overview CompatiView Quickstart System Requirements for Windows CompatiView Installation NotesAbout this Manual Selecting IP or IPX Operation with Windows CompatiView’s Menus and Main Windows Device View and the Main Window Device View Right-Clicking in the Device View File Menu New ConfigOpen Config File Open Device Download Config to Device Dialog Box Save / Restart Options VPN Port Save To FileSubinterface Firewall Path Database Menu General Tab OptionsDatabase Options Dialog Box Confirmations Tab Save/Restart Tab Control Menu Advanced Tab Restart Device Download SoftwareTftp Download CompatiView Output Window Output WindowStatistics Menu Serial Statistics EthernetWAN State PPP Statistics IP Routing Ospf ConfigurationIP Route Table IPX Route Table Command Line Edit Box Customize Moving and Customizing the WindowsView menu Customize Window View Dialog Box CommandsWindow Menu ToolbarsPage IP Routing & Bridging TCP/IP Routing Ethernet Configuration Dialog BoxTCP/IP Routing Ethernet Dialog Box IP Routing/Bridging/Off Network IP Broadcast Address IP AddressNetwork IP Subnet Mask Routing Protocol RIP Split Horizon Output RIP Input RIP IP Routing & Bridging Directed Broadcast Ospf TCP/IP Routing WAN Configuration Dialog Box TCP/IP Routing WAN Configuration Dialog Box Numbered Interface Network IP Broadcast Address Update Method RIP Split Horizon TCP/IP Routing VPN Configuration Dialog Box IP Routing & Bridging Options IP Routing/IP Bridging/IP Off IP Address Routing Protocol Update Method Ospf TCP/IP Routing Bridge Configuration Dialog Box Bridge Logical Diagram TCP/IP Routing Bridge 0 Configuration Dialog Box IP Routing/Off Network IP Subnet Mask IP Routing & Bridging Ospf IP Subinterface Dialog Box IP On/IP Off IP Connection Dialog BoxIP Connection Dialog Box IP Address IP Static Routing Dialog Box Gateway DestinationMask Metric Redistribute via IP Proxy ARP Ethernet IP Options Bridge IP OptionsEthernet or Bridge TCP/IP Options Dialog Box UDP Forwarding Agents Relays UDP Forwarding Agents Dialog Box UDP Ports/Protocols WAN IP OptionsServer IP Address WAN IP Options Dialog Box Send IP Address Configure Request Van Jacobson Header Compression IP Multiprotocol Precedence Dialog Box RIP V2 PasswordTCP/IP Routing Options Protocol Precedence IP Route Redistribution RIP to Ospf IP Route Redistribution Dialog BoxOspf Route Aggregation BGP to Ospf Default into OspfOspf to RIP BGP to RIP IP Routing & Bridging IPX Ethernet Frame Types IPX Routing Ethernet Configuration Dialog BoxIPX Routing Ethernet Configuration Dialog Box IPX Routing & Bridging IPX Routing/Bridging/Off Seed Status per Frame Type Network Number per Frame Type RIP Update TimerSAP Update Timer Block IPX Type 20 Output Packets IPX Routing WAN Configuration Dialog Box IPX Routing WAN Configuration Dialog Box Network Number Optional Remote Node Network Number IPX Routing & Bridging Use Ethernet Port as End-Node Proxy IPX Routing VPN Configuration Dialog Box IPX Routing VPN Configuration Dialog Box IPX Routing/Bridging/Off RIP Update Timer IPX Routing Bridge Configuration Dialog Box IPX Routing Bridge 0 Configuration Dialog Box IPX Frame Types IPX Routing/Off Network Number per Frame Type AppleTalk Routing Ethernet Configuration Dialog Box AppleTalk Routing Ethernet Configuration Dialog BoxAppleTalk Phase 1 Configuration AppleTalk Routing & Bridging Phase 1 Routing/Bridging/Off Phase 1 Seed Status Phase 1 Node Phase 1 Net #Phase 1 Zone NBP Lookup Filters Filtering Phase 2 Seed Status AppleTalk Phase 2 ConfigurationPhase 2 Routing/Bridging/Off Phase 2 Default Zone Phase 2 Net # RangePhase 2 Zones Phase 2 Node AppleTalk Routing WAN Configuration Dialog Box AppleTalk Routing WAN Configuration Dialog Box AppleTalk Routing & Bridging AppleTalk On/Bridging/Off Optional Remote End-Node Network Number ZoneNode Optional Remote End-Node Node Number AppleTalk Routing VPN Configuration Dialog BoxAppleTalk Routing VPN Configuration Dialog Box Optional Remote End-Node Proxy AppleTalk On/Bridging/Off AppleTalk Zone AppleTalk Routing Bridge Configuration Dialog Box AppleTalk Routing Bridge 0 Configuration Dialog Box Phase 1 Routing/Off AppleTalk Routing & Bridging Phase 1 Net # Phase 2 Routing/Off Phase 2 Zones Network Filters NBP Filtering Configuration Dialog BoxNBP Filtering Zone Filters AppleTalk Options Configuration Dialog Box Phase 2 Aarp Probe Time DECnet Routing & Bridging Main DECnet Routing Configuration Dialog BoxMain DECnet Routing Configuration Dialog Box DECnet On Area Hello TimerRouting Timer DECnet Ethernet Configuration Dialog Box DECnet Routing & Bridging Max Addresses DECnet Ethernet Configuration Dialog Box DECnet Routing/Bridging/Off DECnet On/Bridging/Off DECnet WAN Configuration Dialog BoxDECnet WAN Configuration Dialog Box Hello Timer Add VPN Port Dialog Box Add VPN Port Dialog Box Partner Address Tunnel Partner VPN Configuration Dialog BoxVPN Ports and LAN-to-LAN Tunnels Bind To Interface Key Manage IKE Key ManagementIKE Key Management Dialog Box Perfect Forward Secrecy Shared KeyTransform 101 IKE Configuration Dialog BoxAuthentication Encryption Authentication Secret Enable AuthenticationAuthentication Method Manual Key Management 103 Interoperability Settings Dialog BoxEnable Encryption Encryption Method Mode Local and Peer SettingsInteroperability Settings Dialog Box 105 Local / AccessPeer / Access Local / Protocol Peer / Port 107 108 VPN Client Tunnels 109 VPN Group Configuration Dialog BoxVPN Group Configuration Dialog Box and General Tab VPN Group Configuration General Tab MinimumVersion VPN Client Tunnels 111 Inactivity TimeoutSLA Enable Client Exclude Local LAN VPN Group Configuration IKE Configuration Tab VPN Group Configuration IKE Configuration Tab VPN Client Tunnels 113 Save Secrets VPN Group Configuration Manual Tab VPN Group Configuration Manual Tab VPN Client Tunnels 115 VPN Group Configuration IP Connection TabVPN Group Configuration IP Connection Tab Start IP Address Local IP Net Assign IP Radius Add IP Address Dialog Box VPN Client Tunnels 117 Allow Connections ToAdd Edit Input Filters VPN Group Configuration IP Filters TabVPN Config IP Filters Tab Output Filters VPN Client Tunnels 119 VPN Group Configuration IPX Connection TabVPN Config IPX Connection Tab Local IPX Net Assign IPX Radius VPN Group Configuration IPX Filters TabVPN Group Configuration IPX Filters Tab VPN Client Tunnels 121 Input Filters VPN Group Configuration Rollover TabVPN Group Configuration Rollover Tab Alternate IntraPort Addresses SecurID Required VPN Group Configuration SecurID TabVPN Group Configuration SecurID Tab SecurID User Name VPN Group Configuration DNS Redirection Tab Add Local Domain Dialog Box VPN Group Configuration Wins Redirection TabVPN Group Configuration Wins Tab Local Domain Name VPN Client Tunnels 125 VPN User Configuration Dialog BoxVPN User Configuration Dialog Box Name STEP/STAMP Authentication SecretVPN User Dialog Box VPN Group IKE Policy Global Dialog Box IKE PolicyVPN Client Tunnels 127 STEP/STAMP Encryption Secret IPSec Gateway IPSec Gateway Configuration Dialog BoxIPSec Gateway Dialog Box VPN Client Tunnels 129 130 IntraGuard Firewall Configuration 131 Interfaces Inside/Outside Settings FirewallPath Dialog BoxIntraGuard Firewall Configuration ‘OR’ Filters 133‘AND’ Filters SendTCPReset Advanced Settings Firewall Path Dialog BoxResetRedirects Advanced Options SynRejectOnly SendICMPReset135 ICMPtoTCPsession Security Policies Firewall Path Dialog Box Current Security Policy 137 Security Policies at a Glance 139 Security Policy Protocol Setting Dialog BoxSecurity Policy Protocol Setting Dialog Box Policy 140 141 Port/Protocol Number Allow Ports/Protocols Dialog BoxPort/Protocol Firewall Logging Dialog Box Firewall Logging Dialog Box143 TCP Resets IP TimeoutsTCP Timeouts Rejects Redirects Icmp Resets145 General SYN Timer Firewall Settings Dialog BoxFirewall Settings Dialog Box FIN Timer HalfShutTimer TCPTimeoutUDPTimeout DynamicTimerPage Global Bridging Configuration Dialog Box Bridging 149 Learning/IEEE Spanning Tree BridgingBridge On Table Size Priority Spanning Tree Fwd Delay Spanning TreeBridging 151 Aging Time Max Age Spanning Tree Interface Configuration Dialog Box Path Cost Spanning Tree Bridging 153 Bridging OnPriority Exclude Non-Routed Protocols WAN Link Protocols 155 Link Configuration WAN Dialog BoxLink Configuration WAN Dialog Box WAN On Failover Type WAN Link ProtocolsLink Type WAN Link Protocols 157 Backup PortTimers Allow Dial Out Drop Link If Inactive For Allow DialAlways Keep Link Up Dialing Method Dial-back Script WAN Link Protocols 159Dial-Out / Connect Script Dialing Retries / Connect Retries Retry Delay SettingScript Timeout Backup Disable Timer Failover Timers Configuration Dialog BoxBackup Enable Timer Backup Init Timer Maintenance Protocol Frame Relay Configuration Dialog BoxFrame Relay Configuration Dialog Box WAN Link Protocols 163 Polling Frequency Home Dlci Dlci Database Configuration Dialog Box Dlci Entry Dialog Box Dlci Database Dialog Box AppleTalk Address WAN Link Protocols 165Dlci # IPX Address Chap Configuration Dialog BoxChap Configuration Dialog Box DECnet Address Respond to Chap Challenges Request Chap AuthenticationWAN Link Protocols 167 Secret PAP Configuration Dialog BoxPAP Configuration Dialog Box Respond to PAP Requests Request PAP AuthenticationWAN Link Protocols 169 Smds Dialog Box PasswordSmds Dialog Box Station Address PPP Options Dialog Box PPP Options Dialog BoxWAN Link Protocols 171 IP Multicast Echo Packets On PPP Link Quality Configuration Dialog BoxSequenced Predictor Compression WAN Link Protocols 173 LCP Options Configuration Dialog BoxLCP Options Configuration Dialog Box Frequency in Seconds Echo Packets Protocol Compression Multilink PPP Dialog BoxAddress/Control Compression Mppp Bundle Name EnableWAN Link Protocols 175 Linked Ports WAN Chat Script Editor Dialog Box WAN Chat Script Editor Dialog BoxMPQual Chat Script Rules and Syntax WAN Link Protocols 177Chat Script Editor Dialog Box Buttons & Controls 178 WAN Link Protocols 179 To connect to an Internet Service Provider using a modem Chat Script Examples User Authentication Database Dialog Box WAN Link Protocols 181 Interfaces Password/SecretRemote Name Dial-back Chat Route Filters Button Main TCP/IP Filtering Dialog BoxTCP/IP Filtering 183 Packet Filters Button Block IP Source Routing TCP/IP Filter Editor WindowTCP/IP Filtering Log Rejected Source-Routed Packets TCP/IP Route Filter Rules Basic IP Route Filter Rules and Syntax TCP/IP Filtering 187 IP Route Filter Rule Options IP Route Filter Rule Modifiers IP Route Filter Rule Examples TCP/IP Packet Filter RulesIP Route Filter Rule Notification TCP/IP Filtering 189 Basic IP Packet Filter Rules and Syntax IP Packet Filter Rule Operators and Port Names TCP/IP Filtering 191 TCP Ports Icmp Types IP Packet Filter Rule Modifiers TCP/IP Filtering 193 UDP IP Packet Filter Rule Notification Simple IP Packet Filter Rule Examples TCP/IP Filtering 195 IP Packet Filter Rule Set Examples Interface TCP/IP Packet Filtering Configuration Dialog Box TCP/IP Packet Filtering Bridge Dialog Box IPX Filtering 197 Main IPX Filtering Configuration Dialog BoxMain IPX Filtering Dialog Box IPX Route Filters IPX Filter Editor Window IPX Filter Editor WindowIPX Filtering Filter Editor Window Buttons and Controls Basic IPX Packet Filter Rules and Syntax IPX Packet Filter RulesIPX Filtering 199 IPX Packet Filter Options IPX Filtering 201 IPX Packet Filter Rule Notification IPX Route Filter Rules IPX Packet Filter Rule Examples IPX Filtering 203 Basic IPX Route Filter Rules and Syntax IPX Route Filter Rule Options IPX Route Filter Rule Modifiers IPX Route Filter Rule Notification IPX SAP Filter RulesIPX Filtering 205 IPX Route Filter Rule Examples Basic IPX SAP Filter Rules and Syntax IPX SAP Filter Options IPX Filtering 207 IPX SAP Filter Rule Examples IPX SAP Filter Rule ModifiersIPX SAP Filter Rule Notification Interface IPX Packet Filtering Configuration Dialog Box IPX Filtering 209 210 Main AppleTalk Filter Editor Window Main AppleTalk Filtering Editor WindowAppleTalk Filtering 211 General Packet Filtering AppleTalk Packet Filter RulesAppleTalk Filtering Routing Filters Rtmp AppleTalk Filtering 213Get Zone List Basic AppleTalk Filter Rules and Syntax 214 AppleTalk Filtering 215 AppleTalk Rtmp Filter Rule Set Examples Simple AppleTalk Packet Filter Rule ExamplesAppleTalk Get Zone List Filter Rule Set Examples Input Rtmp Filters Interface AppleTalk Filtering Configuration Dialog BoxAppleTalk Filtering 217 Input Packet Filters Output Rtmp FiltersZone List Filters Output Packet Filters General 219 Physical RS-232 Configuration WAN Dialog BoxPhysical RS-232 Configuration WAN Dialog Box Async/Sync Flow Control Async Only Tx Clock Internal Sync OnlyBaud Rate Clock Scheme Physical T1 WAN Configuration Dialog BoxGeneral 221 Line Encoding Fractional T1 EnabledFraming Start Channel & Number of Channels Invert Data General 223 Contiguous Channels or Alternate ChannelsChannel Data Rate PRM Transmit Physical V.35 Configuration WAN Dialog Box Tx Clock Internal Physical DS3 Configuration WAN Dialog Box General 225 Bandwidth Allocation System Configuration Dialog BoxSystem Configuration Dialog Box Confirm Enable Password Confirm PasswordEnable Password General 227 Name of Administrator and How to Contact Snmp ConfigurationSnmp System Info Configuration Dialog Box Administrative Name Sets Enabled Advanced Snmp Configuration Dialog BoxSnmp Enabled Traps Enabled Community String Snmp Community Strings Configuration Dialog BoxSnmp Community Strings Configuration Dialog Box Snmp Traps Dialog Box Snmp Traps Configuration Dialog BoxGeneral 231 Access Host IP Address Primary DNS Server Domain Name Server DNS Dialog BoxDomain Name Server Dialog Box Secondary DNS Server Search Order General 233 Time Server Configuration Dialog BoxTime Server Dialog Box Add TCP/IP DNS Server Offset from Server Backup IP AddressProtocol General 235 Radius Configuration Dialog BoxRadius Configuration Dialog Box Accounting Port Authentication PortAccounting VPN Real IP Address General 237 VPN Tunnel Secret VPN AuthenticationPAP Authentication Secret VPN Group Info Secondary Server Retries Use Secret in ChecksumSecondary Server IP Address General 239 SecurID Configuration Dialog BoxEnable SecurID Port Backup Server Timeout General 241 NAT Configuration Dialog BoxNAT Configuration Dialog Box New Button Modify Button PassThru Range Addresses Internal RangeExternal Range TCP Syn Timeout General 243 TCP TimeoutUDP Timeout TCP Fin Timeout NAT Range Dialog Box NAT Range Dialog Box NAT Mapping Dialog Box NAT Range Dialog Box NAT Mapping Dialog BoxGeneral 245 Internal IP address NAT Mapping Translation Pair Examples General 247 Logging Configuration Dialog BoxLogging Configuration Dialog Box Logging On IP Address Syslogd On Only Send Log to Aux PortSyslogd On File Syslogd On Only General 249 Ldap ConfigurationLdap Server Dialog Box Ldap Server Dialog Box Primary Server Primary Password Ldap Config NameEnable Ldap Add Ldap Server Dialog Box General 251 Secondary Server Secondary Password Base Enable Ldap Authentication Ldap Authentication Dialog BoxLdap Authentication Dialog Box VPN Group Attribute General 253 Primary Server Primary PasswordSecondary Server Secondary Password VPN Shared Secret Attribute 254 Ospf Dialog Box Ospf Dialog BoxOspf 255 Area ID Ospf EnabledOspf Cost Ospf Area Ospf Area Dialog Box Add Ospf Area Dialog Box Stub Default Cost Ospf Authentication TypeEnable Stub Area Ospf 259 Ospf Area Name Ospf Virtual Link Net Range Dialog Box Ospf Virtual Link Dialog Box Enable Virtual LinkOspf 261 Add Ospf Virtual Link Dialog Box Transit Area Virtual Transit DelayOspf Packet Authentication Key Virtual Retransmission BGP General Dialog Box Enable BGPBGP 263 BGP General Dialog Box BGP Local Preference BGP Aggregates Dialog BoxBGP Use IPR Filters BGP 265 BGP Peer Configs Dialog BoxBGP Peer Configs Dialog Box Add BGP Aggregate Dialog Box Input Route Map BGP Peer Config NameEnable Ebgp Multihop Output Route Map IP Loopback Dialog Box BGP Peers Dialog Box BGP Peers Dialog BoxIP Loopback Add BGP Peer Dialog Box BGP Route Maps Editor Dialog Box BGP 269 BGP Route Maps Dialog Box BGP Route Map Editor Dialog Box Buttons & Controls Enter Data Dialog Box BGP Route Mapping RulesBGP 271 Action Direction Options/Output Modifiers BGP 273 Special Communities Options/Input Modifiers BGP Network Dialog Box BGP NetworksBGP Networks Dialog Box BGP 275 Subnet Mask 276 Appendices 277 IP Addresses Appendices Chart 1 IP Address ClassesChart 2 Standard IP Subnets Subnet Masks Broadcast Addresses Chart 3 Subnetted Class C Host RangesAppendices 279 Assigning a Subnet Mask Chart 4 Broadcast Address ExamplesAssigning an IP address Assigning a Broadcast Address IPX Routing Basics IPXAppendices 281 Static Routes & Routing Protocols 282 Client Machine Addressing Service Advertising ProtocolAppendices 283 AppleTalk AppleTalk Routing Basics Seeding a Network Segment Appendices 285Non-extended and Extended AppleTalk Networks Probing Zones Appendices 287 Router AutoconfigurationBridging Bridging Basics Transparent Bridging Spanning Tree Bridging Simple Bridging Example Multiport Bridges/Switches and Bridge GroupsAppendices 289 Bridge Groups on a Multiport Router Virtual Circuits Frame RelayAppendices 291 Addressing Encapsulation and Fragmentation Local & Global DLCIsLocal Management Interface LMI Network/Protocol Addressing and Virtual Interfaces Frame Relay Example Appendices 293Frame Relay Example Page Symbols Index 295 Index Index 297 IPX Index 299 TCP/IP See also, TCP/IP Index 301 NAT Index 303 RIP UDP Index 305 Dlci Index 307 Radius