Field Description IPsec Settings, Pre-shared key | Motorola SVG2500

10 SVG2500 VPN PAGES

Field	Description
IPsec Settings	With VPN tunnels, there are two phases of Security Association
	(SA). Phase 1 is used to create an IKE SA. After Phase 1 is
	completed, Phase 2 is used to create one or more IPSEC SAs,
	which are then used to key IPSEC sessions.
Pre-shared key	If one side of the VPN tunnel is using a unique firewall identifier (or
	Pre-shared Key), the firewall identifier or Pre-shared Key should be
	entered in the "Pre-shared Key" field.
Phase 1 DH group	There are three Diffie-Hellman groups to choose from: 768 bits,
	1024 bits, and 1536 bits.
	Diffie-Hellman is a cryptographic technique that uses public and
	private keys for encryption and decryption. The higher the number
	of bits selected from the options list, the more secure the
	encryption. Options: Group 1 (768 bits), Group 2 (1024 bits), or
	Group 5 (1536 bits).
Phase 1 encryption	Encryption is used to secure the VPN connection between
	endpoints. Five different types of encryption are available: DES,
	3DES, AES-128, AES-192, and AES-256. Any form off encryption
	may be selected as long as the far endpoint matches. One of the
	more common settings here is 3DES; however, AES is also a very
	strong encryption method.
Phase 1 authentication	Authentication acts as another level of security. The two types of
	authentication available are MD5 and SHA. SHA is recommended
	because it is more secure. Either authentication type may be used
	as long as the other end of the VPN tunnel uses the same method.
Phase 1 SA lifetime	Specifies the lifetime of individual rotating keys.
	Enter the desired number of seconds for the key to last until a re-
	key negotiation between each endpoint is negotiated. The default
	setting is 28,800 seconds.
	A smaller lifetime is generally more secure, since it would give an
	attacker a smaller amount of time to try to crack the key, but key
	negotiation does take up bandwidth, so network throughput will be
	sacrificed with small lifetimes. Entries here are typically in the
	thousands or tens of thousands of seconds.

113

Image 128

Motorola SVG2500 manual Field Description IPsec Settings, Pre-shared key, Phase 1 DH group, Phase 1 encryption

Contents

SVG2500 Safety and Regulatory Information Page Safety Requirements for the SVG2500 LITHIUM-ION Battery FCC Radiation Exposure Statement Important Voip Service InformationFCC Statements Wireless LAN Information Restrictions on the USE of Wireless DevicesIndustry Canada IC Statement IC Radiation Exposure Statement International Declaration of Conformity Caring for the Environment by Recycling You may not Software LicenseYou may Viii Warranty Information Page Contents Xii Contents Xiv Overview Easy Setup Powerful Features in a Single UnitNetwork Connection Types Overview Sample Hybrid LAN Optional Accessories Sample Hybrid LAN VoIP Telephone Service with Your SVG2500 Telephone Features Supported by the SVG2500 Cell Phone Pairing and the SVG2500 Wi-Fi Feature Top Panel Key Light Flashing Amber Name Description Rear Panel Key Description SVG2500 LAN Choices Wireless LANBottom Label on the SVG2500 Sample Wireless Network Connections Wired Ethernet LAN Sample Ethernet to Computer Connection Sample Ethernet Connection to Hubs or Switches USB Connection Sample USB Connection Security SVG2500 Security Measures Port Triggering FirewallDMZ Virtual Private Networks Wireless SecurityPort Forwarding Before You Begin InstallationSVG2500 Quick Installation Guide Precautions InstallationWireless LAN Wired Ethernet Signing Up for Service Computer System Requirements Installing the Battery Installation Connecting the SVG2500 to the Cable System Power Installing USB Drivers Cabling the LAN Installing the Windows 2000 USB Driver Select CD-ROM drives only Installing the Windows XP USB Driver Installation Installing the Windows Vista USB Driver Installation Connecting a PC to the SVG2500 USB Port Obtaining an IP Address for an Ethernet Connection Windows Windows XP Installation Windows Vista Installation Installation Linux Type pump -i dev Configuring TCP/IP Macintosh or Unix Configuring TCP/IP in Windows Installation Installation Configuring TCP/IP in Windows XP Installation Configuring TCP/IP in Windows Vista Installation Installation Verifying the IP Address in Windows 2000 or Windows XP Installation Click All Programs Click Accessories Verifying the IP Address in Windows Vista Installation Installation Installing the Telephone for VoIP Wall Mounting Your SVG2500 Installation Caution Wall Mounting Template Basic Configuration Starting the SVG2500 Configuration Manager Cmgr Basic Configuration SVG2500 Menu Options Bar Changing the SVG2500 Default Password Password Change Username field, type your new User NameRestore Factory Defaults SVG2500 Submenu Options Getting Help Gaming Configuration Guidelines Configuring the Firewall for GamingConfiguring Port Triggers Configuring a Gaming DMZ Host Exiting the SVG2500 Configuration Manager SVG2500 Status Pages Status Software Field Description Startup Procedure Status ConnectionSVG2500 Status Pages Downstream Channel Changing the SVG2500 Default Password Status Security Ping Utility Status DiagnosticsTesting Network Connectivity with the SVG2500 Traceroute Utility Status Event Log Field Description Time SVG2500 Basic Pages Basic SetupField Description Napt mode SVG2500 Basic Pages Basic Dhcp Basic Ddns Backing Up Your SVG2500 Configuration Basic BackupRestoring Your SVG2500 Configuration SVG2500 Advanced Pages Advanced OptionsField Description WAN Blocking Ipsec PassThrough Field Description Remote Configuration Multicast EnableUPnP Enable SVG2500 Advanced Pages Enabled Advanced IP FilteringField Description Start Address End Address Setting a MAC Address Filter Advanced MAC FilteringField Description MAC Assigned to a PC during manufacturing Advanced Port Filtering Apply Advanced Port Forwarding Advanced Port Triggers Field Description Trigger Range Start Port Setting Up the DMZ Host Advanced DMZ Host Advanced Routing Information Protocol Setup Field Description RIP EnableRIP Authentication RIP Authentication Key Table in your CPE Field Description RIP Reporting IntervalRIP Destination IP Address SVG2500 Firewall Pages Firewall Web Content Filter SVG2500 Firewall Pages Smtp server name from your Internet service provider Mail Alerts Enable or disable e-mailing firewall alertsFirewall Local Log Firewall log to your email address. You can obtain Firewall Remote Log Parental Control User Setup SVG2500 Parental Control Pages SVG2500 Parental Control Pages Parental Control Basic Setup Parental Control ToD Access Policy Parental Control Event Log Encrypting Wireless LAN Transmissions SVG2500 Wireless PagesSetting Up Your Wireless LAN SVG2500 Wireless Pages Wlan Network Name Ssid Wireless 802.11b/g BasicField Description Wireless MAC Address Field Description Network Type CountryChannel Interface Wireless 802.11b/g Privacy Shared Key Authentication 802.1x AuthenticationWPA/WPA2 Encryption WPA Pre-Shared Key WPS Config Button ModeField Description Network Key Current Network Key Connected Clients Wireless 802.11b/g Access ControlField Description MAC Restrict Mode Wireless 802.11b/g Advanced Wireless Bridging Wireless 802.11b/g Wi-Fi Multimedia Power Save SupportField Description WMM Support No-Acknowledgement Field Description Edca AP Parameters Edca STA Parameters Wireless 802.11b/g Guest Network Field Description Guest Network Current Guest NetworkGuest Network Name Ssid Closed Network On the SVG2500 Configuring the Wireless ClientsConfiguring a Wireless Client for WPA Configuring a Wireless Client for WEP Configuring a Wireless Client with the Network Name Ssid 10 SVG2500 VPN Pages VPN Basic Configure each tunnel individually VPN IPsec10 SVG2500 VPN Pages Field Description Tunnel Enable drop-down Local Endpoint Settings Address group typeField Description Name Identity Type Remote Address Network addressType Field Description IPsec Settings Phase 1 DH groupPhase 1 encryption Phase 1 authentication VPN L2TP/PPTP VPN Event Log MTA Dhcp 11 SVG2500 MTA PagesMTA Status MTA QoS 11 SVG2500 MTA Pages MTA Provisioning MTA Event Log 12 SVG2500 Battery Pages Battery Controller 12 SVG2500 Battery Pages Battery UPSBattery Interface Delay Troubleshooting Solutions Front-Panel Lights and Error Conditions TroubleshootingRemoving USB Drivers Removing the USB Driver in Windows 124 Removing the USB Driver in Windows XP 126 Double-clickNetwork adapters Removing the USB Driver in Windows Vista 129 130 Contact US Frequently Asked Questions Can I still watch cable TV while using my SVG2500? Frequently Asked QuestionsWhat are CableLabs Certified, DOCSIS, and Euro-DOCSIS? What type of technical support is available? Specifications North America Outside North America 135 Specifications General Network Glossary Bpkm BCPBER Cable modem configuration file BridgeBroadband Broadcast Cmts CNRCPE CSMA/CD Dhcp Term Definition DNS DocsisDSL Dsss EAP Term Definition FCS FEC FmdaFTP GUI HFC Html Term Definition Iana IcmpIcsa Ieee IKE Term Definition Isakmp IsdnISO ISP Term Definition LCP LEDLNS MIB Mpdu MsduMSO MTU NIC OSI PAT PCIPcmcia PDA Pstn PPPPptp Term Definition QAM QpskTerm Definition RAS RFC Term Definition ROM RTSSDU SID Ssid Syslog Term Definition TbcpTCP TCP/IP Term Definition TTL Term Definition UDPUSB UTP VPN WANWAP Weca