Motorola 3397GP manual 201, Field Description

Models: 3397GP


Parameter Descriptions

The following tables describe SafeHarbour’s parameters that are used for an IPSec VPN tunnel configuration:

Table 2: IPSec Configuration page parameters

| Field | Description |
|---|---|
| Name | The Name parameter refers to the name of the configured tunnel. This is mainly used as an identifier for the administrator. The Name parameter is an ASCII value and is limited to 31 characters. The tunnel name does not need to match the peer gateway. |
| Peer External IP Address | The Peer External IP Address is the public, or routable IP address of the remote gateway or VPN server you are establishing the tunnel with. |
| Encryption Protocol | Encryption protocol for the tunnel session. Parameter values supported include NONE or ESP. |
| Authentication Protocol | Authentication Protocol for IP packet header. The three parameter values are None, Encapsulating Security Payload (ESP) and Authentication Header (AH) |
| Key Management | The Key Management algorithm manages the exchange of security keys in the IPSec protocol architecture. SafeHarbour supports the standard Internet Key Exchange (IKE) |

Table 3: IPSec Tunnel Details page parameters

| Field | Description |
|---|---|
| Name | The Name parameter refers to the name of the configured tunnel. This is mainly used as an identifier for the administrator. The Name parameter is an ASCII value and is limited to 31 characters. The tunnel name does not need to match the peer gateway. |
| Peer Internal Network | The Peer Internal IP Network is the private, or Local Area Network (LAN) address of the remote gateway or VPN Server you are communicating with. |
| Peer Internal Netmask | The Peer Internal IP Netmask is the subnet mask of the Peer Internal IP Network. |
| NAT enable | Turns NAT on or off for this tunnel. |
| PAT Address | If NAT is enabled, this field appears. You can specify a Port Address Translation (PAT) address or leave the default all-zeroes (if Xauth is enabled). If you leave the default, the address will be requested from the remote router and dynamically applied to the Gateway. |
| Negotiation Method | This parameter refers to the method used during the Phase I key exchange, or IKE process. SafeHarbour supports Main or Aggressive Mode. Main mode requires 3 two-way message exchanges while Aggressive mode only requires 3 total message exchanges. |
| Local ID type | If Aggressive mode is selected as the Negotiation Method, this option appears. Selection options are: IP Address, Subnet, Hostname, ASCII. |
| Local ID Address/Value | If Aggressive mode is selected as the Negotiation Method, this field appears. This is the local (Gateway-side) IP address (or Name Value, if Subnet or Hostname are selected as the Local ID Type). |
| Local ID Mask | If Aggressive mode is selected as the Negotiation Method, and Subnet as the Local ID Type, this field appears. This is the local (Gateway-side) subnet mask. |
| Remote ID Type | If Aggressive mode is selected as the Negotiation Method, this option appears. Selection options are: IP Address, Subnet, Hostname, ASCII. |
| Remote ID Address/Value | If Aggressive mode is selected as the Negotiation Method, this field appears. This is the remote (central-office-side) IP address (or Name Value, if Subnet or Hostname are selected as the Local ID Type). |
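
An added example, not taken from the manual or from Motorola: a Python check of one tunnel definition against the field rules in Tables 2 and 3 (Name length, the NONE/ESP/AH values, and the fields that only appear in Aggressive mode or with NAT on). The dictionary keys and the `check_tunnel` function are assumptions made for the example, and the Aggressive-mode warning reflects general IKE behaviour rather than a statement on this page.

```python
import ipaddress

# Field names and values follow Tables 2 and 3; the dict keys are an assumed layout.
ID_TYPES = {"IP Address", "Subnet", "Hostname", "ASCII"}
ID_FIELDS = ("local_id_type", "local_id_value", "local_id_mask",
             "remote_id_type", "remote_id_value")

def check_tunnel(cfg):
    """Return (severity, message) findings for one tunnel given as a dict."""
    out = []
    name = cfg.get("name", "")
    if not name.isascii() or len(name) > 31:
        out.append(("error", "Name must be ASCII and at most 31 characters"))
    try:  # strict parsing rejects a network address with host bits set
        ipaddress.ip_network("{}/{}".format(cfg.get("peer_internal_network"),
                                            cfg.get("peer_internal_netmask")))
    except ValueError:
        out.append(("error", "Peer Internal Network and Netmask do not match"))
    enc, auth = cfg.get("encryption"), cfg.get("authentication")
    if enc not in ("NONE", "ESP"):
        out.append(("error", "Encryption Protocol must be NONE or ESP"))
    if auth not in ("None", "ESP", "AH"):
        out.append(("error", "Authentication Protocol must be None, ESP or AH"))
    if enc == "NONE":
        out.append(("warn", "Encryption NONE: tunnel payload is not encrypted"))
    if auth == "None":
        out.append(("warn", "Authentication None: no integrity protection"))
    mode = cfg.get("negotiation")
    if mode == "Aggressive":
        out.append(("warn", "Aggressive mode: no identity protection in Phase I"))
        for side in ("local", "remote"):
            if cfg.get(side + "_id_type") not in ID_TYPES:
                out.append(("error", side + " ID type is missing or invalid"))
        if cfg.get("local_id_type") == "Subnet" and not cfg.get("local_id_mask"):
            out.append(("error", "Local ID Mask is required for a Subnet ID"))
    elif mode == "Main":
        out += [("warn", f + " only applies in Aggressive mode")
                for f in ID_FIELDS if cfg.get(f)]
    else:
        out.append(("error", "Negotiation Method must be Main or Aggressive"))
    if cfg.get("pat_address") and not cfg.get("nat_enable"):
        out.append(("error", "PAT Address is set but NAT is off"))
    return out

# Constructed sample: Aggressive mode, Subnet ID without a mask, no encryption.
SAMPLE = {"name": "branch-office", "peer_external_ip": "203.0.113.10",
          "peer_internal_network": "192.168.10.0", "peer_internal_netmask": "255.255.255.0",
          "encryption": "NONE", "authentication": "AH", "negotiation": "Aggressive",
          "local_id_type": "Subnet", "remote_id_type": "ASCII", "nat_enable": False}
```

Calling `check_tunnel(SAMPLE)` returns two warnings (no encryption, Aggressive mode) and one error for the missing Local ID Mask.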
