Parameter Descriptions
The following tables describe SafeHarbour’s parameters that are used for an IPSec VPN tunnel configura- tion:
| Table 2: IPSec Configuration page parameters |
|
|
Field | Description |
Name | The Name parameter refers to the name of the configured tunnel. This is |
| mainly used as an identifier for the administrator. The Name parameter is |
| an ASCII value and is limited to 31 characters. The tunnel name does not |
| need to match the peer gateway. |
Peer External IP | The Peer External IP Address is the public, or routable IP address of the |
Address | remote gateway or VPN server you are establishing the tunnel with. |
Encryption | Encryption protocol for the tunnel session. |
Protocol | Parameter values supported include NONE or ESP. |
Authentication | Authentication Protocol for IP packet header. The three parameter values |
Protocol | are None, Encapsulating Security Payload (ESP) and Authentication Header |
| (AH) |
Key Management The Key Management algorithm manages the exchange of security keys in the IPSec protocol architecture. SafeHarbour supports the standard Inter- net Key Exchange (IKE)
| Table 3: IPSec Tunnel Details page parameters |
|
|
Field | Description |
Name | The Name parameter refers to the name of the configured tunnel. This is |
| mainly used as an identifier for the administrator. The Name parameter is |
| an ASCII value and is limited to 31 characters. The tunnel name does not |
| need to match the peer gateway. |
Peer Internal | The Peer Internal IP Network is the private, or Local Area Network (LAN) |
Network | address of the remote gateway or VPN Server you are communicating with. |
Peer Internal | The Peer Internal IP Netmask is the subnet mask of the Peer Internal IP |
Netmask | Network. |
NAT enable | Turns NAT on or off for this tunnel. |
PAT Address | If NAT is enabled, this field appears. You can specify a Port Address Trans- |
| lation (PAT) address or leave the default |
| you leave the default. the address will be requested from the remote router |
| and dynamically applied to the Gateway. |
Negotiation | This parameter refers to the method used during the Phase I key |
Method | exchange, or IKE process. SafeHarbour supports Main or Aggressive |
| Mode. Main mode requires 3 |
| sive mode only requires 3 total message exchanges. |
Local ID type | If Aggressive mode is selected as the Negotiation Method, this option |
| appears. Selection options are: IP Address, Subnet, Hostname, ASCII |
Local ID Address/ If Aggressive mode is selected as the Negotiation Method, this field
Valueappears. This is the local
net or Hostname are selected as the Local ID Type).
