Multitech RF830-AP, RF820 VPN IPSec Add IKE Connection Key Life, Number of Retries, Left Next Hop

Models: RF820 RF830-AP RF830 RF820-AP


Chapter 5 – Configuration Using Web Management Software

VPN > IPSec > Add IKE Connection

Key Life

The duration for which the IPSec SA should last, from successful negotiation to expiration. The default value is 28800 seconds and the maximum is 86400 seconds.

Number of Retries

Specify the number of retries for the IPSec tunnel. Enter zero for unlimited retries.

Left Next Hop

Next Hop is the address of the next device in a routing table's path that moves a packet to its destination. This setting can be configured or left as a static value: 0.0.0.0. When not configured, the value is set to the Gateway of the Box/Gateway configured on the Interface/Right IP. The selection is based on the Left and Right IP.

Local WAN IP

This is the interface initiating the IPSec tunnel.

Local LAN

Internal subnet of the local security gateway for which the security services should be provided. If the RouteFinder acts as a host, this should be configured as None.

Remote Gateway IP

Interface where the IPSec tunnel ends. In the case of a Road Warrior with a Dynamic IP address, this should be configured to ANY.

FQDN

FQDN is a DNS-resolvable fully qualified domain name by which the right peer can be identified. When FQDN is selected, the Remote Gateway IP should be blank.

Remote LAN

Internal subnet of the remote security gateway for which the security services should be provided. If the remote end is the host, this should be configured as None.

Failover (Note: Failover is available on the RF830/RF830-AP only.)

Check the box to enable VPN failover for the tunnel. When this field is enabled, the tunnel will fail over onto the other interface if the local interface is down. For example, if the tunnel is configured on WAN 1 but the link goes down, the tunnel comes up again on the link that is up (i.e., LAN 2). Failover is possible only when the remote gateway is an FQDN (Fully Qualified Domain Name) and Dynamic DNS Failover is enabled (see the Network > Dynamic DNS screen).

UID (Unique Identifier String)

Check the UID box to enable the Local ID and Remote ID. Local ID and Remote ID are active only when UID is enabled.

Local ID

Enter a string identifier for the local security gateway.

Remote ID

Enter a string identifier for the remote security gateway.

NetBIOS Broadcast

Check this option to enable broadcasts over the connection. It will allow computers on the network to share Microsoft file and printer sharing information.
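
A pre-deployment consistency check for the field rules on this screen, as an added example that is not from the Multi-Tech user guide. The dict keys, the function name and the sample values are hypothetical, and the lower bound on Key Life is an assumption, since the guide gives only the default and the maximum.

```python
import ipaddress

KEY_LIFE_DEFAULT = 28800  # seconds, default stated on this page
KEY_LIFE_MAX = 86400      # seconds, maximum stated on this page

def check_ike_connection(cfg, ddns_failover_enabled=False):
    """Return a list of problems found in one planned IKE connection.

    cfg is a hypothetical dict keyed by the field labels on this screen;
    it is not a format the RouteFinder imports or exports.
    """
    problems = []
    key_life = cfg.get("key_life", KEY_LIFE_DEFAULT)
    # Lower bound of 1 is an assumption; the page states only the maximum.
    if not isinstance(key_life, int) or not 1 <= key_life <= KEY_LIFE_MAX:
        problems.append("key_life: must be 1..%d seconds" % KEY_LIFE_MAX)
    # A missing retries entry is treated as 0 here (assumption).
    retries = cfg.get("retries", 0)
    if not isinstance(retries, int) or retries < 0:
        problems.append("retries: must be 0 (unlimited) or a positive count")
    fqdn = cfg.get("fqdn", "")
    gateway = cfg.get("remote_gateway_ip", "")
    if fqdn and gateway:
        problems.append("remote_gateway_ip: must be blank when FQDN is selected")
    elif not fqdn and gateway != "ANY":
        try:
            ipaddress.ip_address(gateway)
        except ValueError:
            problems.append("remote_gateway_ip: need an IP address, ANY, or an FQDN")
    if cfg.get("failover"):
        if not fqdn:
            problems.append("failover: remote gateway must be an FQDN")
        if not ddns_failover_enabled:
            problems.append("failover: Dynamic DNS Failover is not enabled")
    if not cfg.get("uid"):
        for field in ("local_id", "remote_id"):
            if cfg.get(field):
                problems.append("%s: ignored unless UID is checked" % field)
    return problems

# Constructed sample: a road-warrior style tunnel with several mistakes.
SAMPLE = {"key_life": 172800, "retries": 0, "remote_gateway_ip": "ANY",
          "failover": True, "uid": False, "local_id": "branch-gw"}

if __name__ == "__main__":
    for problem in check_ike_connection(SAMPLE):
        print(problem)
```
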

Multi-Tech Systems, Inc. RouteFinder SOHO RF820/RF820-AP & RF830/RF830-AP User Guide (S000399E)
