NETGEAR FVS318G 5-20 Virtual Private Networking

ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual

5-20 Virtual Private Networking

v1.1, August 2010

Local

Identifier Type From the pull-down menu, select one of the following ISAKMP identifiers to be

used by the VPN firewall, and then specify the identifier in the field below:

•Local Wan IP. The WAN IP address of the VPN firewall. When you select this

option, the Identifier field automatically shows the IP address of the selected

WAN interface.

•FQDN. The Internet address for the VPN firewall.

•User FQDN. The email address for a local VPN client or the VPN firewall.

•DER ASN1 DN. A distinguished name (DN) that identifies the VPN firewall in

the DER encoding and ASN.1 format.

Identifier Depending on the selection of the Identifier Type pull-down

menu, enter the IP address, email address, FQDN, or

distinguished name.

Remote

Identifier Type From the pull-down menu, select one of the following ISAKMP identifiers to be

used by the remote endpoint, and then specify the identifier in the field below:

•Local Wan IP. The WAN IP address of the remote endpoint. When you select

this option, the Identifier field automatically shows the IP address of the

selected WAN interface.

•FQDN. The FQDN for a remote gateway.

•User FQDN. The email address for a remote VPN client or gateway.

•DER ASN1 DN. A distinguished name (DN) that identifies the remote endpoint

in the DER encoding and ASN.1 format.

Identifier Depending on the selection of the Identifier Type pull-down

menu, enter the IP address, email address, FQDN, or

distinguished name.

IKE SA Parameters

Encryption

Algorithm From the pull-down menu, select one of the following five algorithms to negotiate

the security association (SA):

•DES. Data Encryption Standard (DES)

•3DES. Triple DES. This is the default algorithm.

•AES-128. Advanced Encryption Standard (AES) with a 128-bits key size.

•AES-192. AES with a 192-bits key size.

•AES-256. AES with a 256-bits key size.

Authentication

Algorithm From the pull-down menu, select one of the following two algorithms to use in the

VPN header for the authentication process:

•SHA-1. Hash algorithm that produces a 160-bit digest. This is the default

setting.

•MD5. Hash algorithm that produces a 128-bit digest.

Table 5-2. Add IKE Policy Settings (continued)

Item Description (or Subfield and Description)