ADSL Gateway
• Delete: Click this button to delete the selected tunnel.
• Summary: Click this button to see a summary of your IPSec settings and the tunnels’ status.
• IPSec VPN Tunnel: Click Enabled to enable the selected tunnel, or Disabled to disable it.
• Tunnel Name: Click and type in this box to give the selected tunnel a name. A name is required, but is only for your reference and need not match the name used at the remote gateway or client.
• Local Secure Group: To give an entire local network access to the tunnel, select Subnet and enter the network address and mask. To give a particular host access to the tunnel, select IP Address and enter the host’s address and mask.
• Local Security Gateway: If you have multiple PVCs, open this list and select the PVC you wish to use for the VPN tunnel.
• Remote Secure Group: Use this control to specify the remote device or devices that will be granted access to the tunnel. This can be the public IP address of a network or host; the IP address and mask of a remote subnet; Host, which makes the group identical to the Remote Security Gateway setting; or Any, which allows any device with permission from the remote security gateway to access the tunnel.
• Remote Security Gateway: Use the controls in this section to specify the remote endpoint of the IPSec tunnel, whether it will be a gateway or a client. Select IP Address or FQDN (fully qualified domain name) and input the correct address or name; or select Any, which allows any machine with the correct IPSec settings to act as the remote endpoint of the tunnel.
• Encryption: To have communication through the tunnel encrypted, select DES (Data Encryption Standard) or 3DES (Triple DES). To leave communication unencrypted, select Disable.
• Authentication: Authentication verifies the identity of the remote machine and the integrity of the data received. Set this control to MD5 (Message Digest 5) or SHA (Secure Hash Algorithm). SHA is newer, and generally considered more secure, than MD5.
• Key Management: A key is a string of letters and/or numbers that is used for authentication or encryption. Key management can be automatic (performed by IKE, the Internet Key Exchange protocol) or manual.
• To use automatic key management, select Auto.(IKE), enter the
Chapter 5: Configuring the ADSL Gateway
Figure 5-20: VPN Settings Summary
The Security Tab
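The tunnel settings listed above can be reviewed mechanically before a tunnel is enabled. The following is an added example, not part of the manual or the gateway's firmware: it checks one tunnel's settings for the widest and weakest choices the screen allows. The dictionary layout, the function name `audit_tunnel` and the sample values are assumptions made for illustration; the field names and option names are the labels given above.

```python
import ipaddress

def audit_tunnel(t):
    """Return (field, finding) pairs for one tunnel's settings."""
    findings = []
    enc = t.get("Encryption")
    if enc == "Disable":
        findings.append(("Encryption", "tunnel traffic is sent unencrypted"))
    elif enc == "DES":
        # Not stated in the manual: single DES uses a 56-bit key.
        findings.append(("Encryption", "DES selected; 3DES is the stronger option offered"))
    if t.get("Authentication") == "MD5":
        findings.append(("Authentication", "MD5 selected; SHA is the stronger option offered"))
    if t.get("Remote Security Gateway") == "Any":
        findings.append(("Remote Security Gateway",
                         "any machine with matching IPSec settings can be the remote endpoint"))
    if t.get("Remote Secure Group") == "Any":
        findings.append(("Remote Secure Group",
                         "access is decided entirely by the remote gateway"))
    # Local Secure Group is modelled as (kind, address, mask); this layout is an assumption.
    kind, addr, mask = t["Local Secure Group"]
    try:
        net = ipaddress.ip_network(f"{addr}/{mask}", strict=False)
    except ValueError:
        findings.append(("Local Secure Group", "address or mask is not valid"))
    else:
        # A Subnet entry with host bits set still exposes the whole subnet.
        if kind == "Subnet" and str(net.network_address) != addr:
            findings.append(("Local Secure Group",
                             f"{addr} is a host address; the subnet exposed is {net}"))
    return findings

# Constructed sample settings, not taken from the manual.
WEAK = {"Tunnel Name": "branch-a",
        "Local Secure Group": ("Subnet", "192.168.1.10", "255.255.255.0"),
        "Remote Secure Group": "Any", "Remote Security Gateway": "Any",
        "Encryption": "DES", "Authentication": "MD5"}
HARDENED = {"Tunnel Name": "branch-a",
            "Local Secure Group": ("Subnet", "192.168.1.0", "255.255.255.0"),
            "Remote Secure Group": ("Subnet", "10.8.0.0", "255.255.255.0"),
            "Remote Security Gateway": ("IP Address", "203.0.113.7"),
            "Encryption": "3DES", "Authentication": "SHA"}

if __name__ == "__main__":
    for name, tunnel in (("weak", WEAK), ("hardened", HARDENED)):
        print(name)
        for field, finding in audit_tunnel(tunnel):
            print(f"  {field}: {finding}")
```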