D6200 WiFi DSL Modem Router

-Subnet address. Enter an IP address in the Single/Start IP address field, and the desired network mask in the Subnet Mask field.

The remote VPN endpoint must have these IP addresses entered as its local addresses.

IKE.

-Direction/Type. This setting is used to determine if the IKE policy matches the current traffic. Select the desired option.

-Responder only. Incoming connections are allowed, but outgoing connections are blocked.

-Initiator and Responder. Both incoming and outgoing connections are allowed.

-Exchange Mode. Currently, only Main Mode is supported. Ensure that the remote VPN endpoint is set to use Main Mode.

-Diffie-Hellman (DH) Group. When the VPN connection keys are exchanged, the Diffie-Hellman algorithm is used. The DH Group setting determines the bit size used in the exchange. This value must match the value used on the remote VPN gateway.

-Local Identity Type. Select the desired option to match the Remote Identity Type setting on the remote VPN endpoint.

-WAN IP Address. Your Internet IP address.

-Fully Qualified Domain Name. Your domain name.

-Fully Qualified User Name. Your name, email address, or other ID.

-Local Identity Data. Enter the data for the selection. When WAN IP Address is selected, no input is required.

-Remote Identity Type. Select the desired option to match the Local Identity Type setting on the remote VPN endpoint.

-IP Address. The Internet IP address of the remote VPN endpoint.

-Fully Qualified Domain Name. The domain name of the remote VPN endpoint.

-Fully Qualified User Name. The name, email address, or other ID of the remote VPN endpoint.

-Remote Identity Data. Enter the data for the selection. When IP Address is selected, no input is required.

Parameters.

-Encryption Algorithm. The encryption algorithm used for both IKE and IPSec. This setting must match the setting used on the remote VPN gateway.

-Authentication Algorithm. The authentication algorithm used for both IKE and IPSec. This setting must match the setting used on the remote VPN gateway.

-Pre-shared Key. The key has to be entered both here and on the remote VPN gateway.

-SA Life Time. This setting determines the time interval before the SA (security association) expires. (It is automatically reestablished as required.) While using a short time period (or data amount) increases security, it also degrades

Advanced Settings

138

Page 137 Page 139
Page 138
Image 138
NETGEAR 202-11171-04 user manual Ike, Fully Qualified Domain Name. Your domain name, Parameters
Page 137 Page 139
Top Page Image Contents