Motorola 6161252-00-01 manual Advanced IP Profile Options Local Tunnel Endpoint Address

6-20 Administrator’s Handbook

•If you select Delete Network in the IP Profile Parameters screen, the same scrolling list will display. When you select one of the networks and press Return, a warning screen will ask you to confirm your choice:

•Specifying IKE key management alters the Advanced IP Profile Options screen as follows:

Advanced IP Profile Options

Enter an IP address in decimal and dot form (xxx.xxx.xxx.xxx).

•You can specify a Local Tunnel Endpoint Address. If not 0.0.0.0, this value must be one of the assigned interface addresses, either WAN or LAN. This is used as the source address of all IPsec traffic.

•You can specify a Next Hop Gateway. If you specify the Remote Tunnel Endpoint Address, and the address is in the same subnet as the Remote Members Network you specified in the IP Profile Parameters, the Next Hop Gateway option allows you to enter the address by which the Router partner is reached.

If you do not specify the Remote Tunnel Endpoint Address, the Router will use the default gateway to reach the partner. If the partner should be reached via an alternate port (for example, the LAN instead of the WAN), the Next Hop Gateway field allows this path to be resolved.

•You can specify an Idle Timeout (seconds) value. The idle timeout tells the Router that if no traffic passes through the tunnel for the specified number of seconds, no automatic SA re-key should be performed. When new traffic does pass through the tunnel, the idle timeout interval resets again when the current SAs expire.

If you set the value to zero, the Router will re-key the SA whenever the SA Lifetime interval specifies, regardless of whether traffic is passing through it or not. This will effectively “nail up” the tunnel.