N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual

Table 5. VPN - Auto Policy Screen Settings (Continued)

Fields and Settings

Description

 

 

 

IKE

Direction

This setting is used when the router determines if the IKE policy

 

 

matches the current traffic. Select an option.

 

 

Responder only. Incoming connections are allowed, but outgoing

 

 

connections are blocked.

 

 

Initiator and Responder. Both incoming and outgoing connections

 

 

are allowed.

 

 

 

 

Exchange Mode

Ensure that the remote VPN endpoint is set to use Main Mode.

 

 

 

 

Diffie-Hellman

The Diffie-Hellman algorithm is used when keys are exchanged. The

 

(DH) Group

DH Group setting determines the bit size used in the exchange. This

 

 

value must match the value used on the remote VPN gateway.

 

 

 

 

Local Identity Type

Select an option to match the Remote Identity Type setting on the

 

 

remote VPN endpoint.

 

 

WAN IP Address. Your Internet IP address.

 

 

Fully Qualified Domain Name. Your domain name.

 

 

Fully Qualified User Name. Your name, email address, or other ID.

 

 

 

 

Local Identity Data

Enter the data for the local identity type that you selected. (If WAN IP

 

 

Address is selected, no input is required.)

 

Remote Identity

Select the option that matches the Local Identity Type setting on the

 

Type

remote VPN endpoint.

 

 

IP Address. The Internet IP address of the remote VPN endpoint.

 

 

Fully Qualified Domain Name. The domain name of the remote

 

 

VPN endpoint.

 

 

Fully Qualified User Name. The name, email address, or other ID of

 

 

the remote VPN endpoint.

 

 

 

 

Remote Identity

Enter the data for the remote identity type that you selected. If IP

 

Data

Address is selected, no input is required.

Parameters

Encryption

The encryption algorithm used for both IKE and IPSec. This setting

 

Algorithm

must match the setting used on the remote VPN gateway. DES and

 

 

3DES are supported.

 

 

DES. The Data Encryption Standard (DES) processes input data that

 

 

is 64 bits wide, encrypting these values using a 56-bit key. Faster but

 

 

less secure than 3DES.

 

 

3DES. (Triple DES) achieves a higher level of security by encrypting

 

 

the data three times using DES with three different, unrelated keys.

 

 

 

 

Authentication

The authentication algorithm used for both IKE and IPSec. This setting

 

Algorithm

must match the setting used on the remote VPN gateway. Auto, MD5,

 

 

and SHA-1 are supported. Auto negotiates with the remote VPN

 

 

endpoint and is not available in responder-only mode.

 

 

MD5. 128 bits, faster but less secure.

 

 

SHA-1. 160 bits, slower but more secure. This is the default.

 

 

 

 

Pre-shared Key

The key must be entered both here and on the remote VPN gateway.

 

 

 

104 Chapter 6. Virtual Private Networking

Page 103 Page 105
Page 104
Image 104
NETGEAR DGND3300-100NAS user manual Ike, Fully Qualified Domain Name. Your domain name
Page 103 Page 105
Top Page Image Contents