Configure Security

 

 

 

 

Section

Field Description

 

 

Key

Select one of the following options for the key exchange method:

 

(continued)Management

Auto (IKE)

 

 

 

Encryption: The Encryption method determines the length of the key used

 

 

 

to encrypt/decrypt ESP packets. Notice that both sides must use the same

 

 

 

method.

 

 

 

Authentication: The Authentication method authenticates the

 

 

 

Encapsulating Security Payload (ESP) packets. Select MD5 or SHA. Notice

 

 

 

that both sides (VPN endpoints) must use the same method.

 

 

 

MD5: A one-way hashing algorithm that produces a 128-bit digest

 

 

 

SHA: A one-way hashing algorithm that produces a 160-bit digest

 

 

 

Perfect Forward Secrecy (PFS): If PFS is enabled, IKE Phase 2 negotiation

 

 

 

will generate new key material for IP traffic encryption and authentication.

 

 

 

Note that both sides must have PFS enabled.

 

 

 

Pre-Shared Key: IKE uses the Pre-Shared Key to authenticate the remote

 

 

 

IKE peer. Both character and hexadecimal values are acceptable in this

 

 

 

field, e.g., "My_@123" or "0x4d795f40313233". Note that both sides must use

 

 

 

the same Pre-Shared Key.

 

 

 

Key Lifetime: This field specifies the lifetime of the IKE generated key. If

 

 

 

the time expires, a new key will be renegotiated automatically. The Key

 

 

 

Lifetime may range from 300 to 100,000,000 seconds. The default lifetime is

 

 

 

3600 seconds.

 

 

Manual

 

 

 

Encryption: The Encryption method determines the length of the key used

 

 

 

to encrypt/decrypt ESP packets. Notice that both sides must use the same

 

 

 

method.

 

 

 

Encryption Key: This field specifies a key used to encrypt and decrypt IP

 

 

 

traffic. Both character and hexadecimal values are acceptable in this field.

 

 

 

Note that both sides must use the same Encryption Key.

 

 

 

Authentication: The Authentication method authenticates the

 

 

 

Encapsulating Security Payload (ESP) packets. Select MD5 or SHA. Notice

 

 

 

that both sides (VPN endpoints) must use the same method.

 

 

 

MD5: A one-way hashing algorithm that produces a 128-bit digest

 

 

 

SHA: A one-way hashing algorithm that produces a 160-bit digest

 

 

 

Authentication Key: This field specifies a key used to authenticate IP

 

 

 

traffic. Both character and hexadecimal values are acceptable in this field.

 

 

 

Note that both sides must use the same Authentication Key.

 

 

 

Inbound SPI/Outbound SPI: The Security Parameter Index (SPI) is carried

 

 

 

in the ESP header. This enables the receiver to select the SA, under which a

 

 

 

packet should be processed. The SPI is a 32-bit value. Both decimal and

 

 

 

hexadecimal values are acceptable. e.g., "987654321" or "0x3ade68b1". Each

 

 

 

tunnel must have a unique Inbound SPI and Outbound SPI. No two tunnels

 

 

 

share the same SPI. Note that the Inbound SPI must match the remote

 

 

 

gateway's Outbound SPI, and vice versa.

 

 

 

 

 

60

 

 

4021192 Rev A

Page 59 Page 61
Page 60
Image 60
Gateway DPC3925, EPC3925 important safety instructions Section Field Description Key, Auto IKE, Manual
Page 59 Page 61

DPC3925, EPC3925 specifications

The Gateway EPC3925 and DPC3925 are powerful wireless gateway devices that provide high-speed internet access and advanced networking features. Designed primarily for residential and small business environments, these devices offer a combination of ease of use, reliability, and performance that makes them a popular choice among users.

One of the main features of the Gateway EPC3925 and DPC3925 is their support for DOCSIS 3.0 technology. This enables the devices to deliver high-speed internet connectivity by allowing multiple channels to be bonded together, significantly increasing download and upload speeds compared to previous DOCSIS standards. DOCSIS 3.0 can support speeds of up to 1 Gbps, making it suitable for bandwidth-intensive applications like streaming HD videos, online gaming, and large file downloads.

Both models are equipped with a built-in Wireless-N (802.11n) router, which allows users to create a wireless network in their home or office easily. This standard provides a stable connection with improved range and speed compared to older wireless standards. Additionally, users can connect multiple devices, such as smartphones, tablets, laptops, and smart TVs, without experiencing significant drops in performance.

Security is a critical aspect of the Gateway EPC3925 and DPC3925. These devices come equipped with several security features to protect the network from unauthorized access. The devices support WPA/WPA2 encryption protocols, ensuring that wireless transmissions are secure. Moreover, they offer features such as a firewall and DMZ settings, which provide additional layers of protection for users’ data.

Another noteworthy characteristic of the EPC3925 and DPC3925 is their user-friendly interface. The web-based management console allows users to easily configure settings, manage connected devices, and monitor network performance. This intuitive interface makes it accessible for users with varying levels of technical expertise.

The Gateway EPC3925 and DPC3925 are also compatible with multiple ISPs, making them versatile options for customers looking for reliable internet connectivity solutions. Their compact design allows for easy placement in various locations, ensuring that users can integrate them seamlessly into their existing setups.

In summary, the Gateway EPC3925 and DPC3925 provide a robust solution for those looking for high-speed internet access combined with advanced networking features. With their DOCSIS 3.0 support, Wireless-N capabilities, and comprehensive security measures, these gateways are designed to meet the demands of modern internet usage, making them ideal for both home and small office environments.
Top Page Image Contents