ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual

Each policy that is listed in the List of IKE Policies table contains the following data:

Name. Uniquely identifies each IKE policy. The name is chosen by you and used for the purpose of managing your policies; it is not supplied to the remote VPN Server.

Mode. Two modes are available: either “Main” or “Aggressive”.

Main Mode is slower but more secure.

Aggressive mode is faster but less secure. (If specifying either a FQDN or a User FQDN name as the Local ID/Remote ID, aggressive mode is automatically selected.)

Local ID. The IKE/ISAKMP identifier of this device. (The remote VPN must have this value as their “Remote ID”.)

Remote ID. The IKE/ISAKMP identifier of the remote VPN gateway. (The remote VPN must have this value as their “Local ID”.)

Encr. Encryption Algorithm used for the IKE SA. The default setting using the VPN Wizard is 3DES. (This setting must match the remote VPN.)

Auth. Authentication Algorithm used for the IKE SA. The default setting using the VPN Wizard is SHA1. (This setting must match the remote VPN.)

DH. Diffie-Hellman Group. The Diffie-Hellman algorithm is used when exchanging keys. The DH Group sets the number of bits. The VPN Wizard default setting is Group 2. (This setting must match the remote VPN.)

Enable Dead Peer Detection: Dead Peer Detection is used to detect whether the peer is alive or not. If the peer is detected as dead, the IPSec and IKE Security Association are deleted.

To delete one or more IKE polices:

1.Select the checkbox to the left of the policy that you want to delete or click the select all button to select all IKE policies.

2.Click the delete button.

To add or edit an IKE policy, see “Manually Adding or Editing an IKE Policy” on page 5-18.

Note: You cannot delete or edit an IKE policy for which the VPN policy is active. You first must disable or delete the VPN policy before you can delete or edit the IKE policy.

Note: To gain a more complete understanding of the encryption, authentication and DH algorithm technologies, see the link to “Virtual Private Networking Basics” on page C-1.

Virtual Private Networking

5-17

v1.1, August 2010

Page 115
Image 115
NETGEAR manual ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual