ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual

Table 5-3. Add VPN Policy Settings (continued)

 

Item

Description (or Subfield and Description)

 

 

 

 

Traffic Selection

 

 

 

 

 

Local IP

From the pull-down menu, select the address or addresses that are part of the

 

 

VPN tunnel on the VPN firewall:

 

 

Any. All PCs and devices on the network.

 

 

Note: You cannot select Any for both the VPN firewall and the remote endpoint.

 

 

Single. A single IP address on the network. Enter the IP address in the Start IP

 

 

Address field.

 

 

Range. A range of IP addresses on the network. Enter the starting IP address

 

 

in the Start IP Address field and the ending IP address in the End IP Address

 

 

field.

 

 

Subnet. A subnet on the network. Enter the starting IP address in the Start IP

 

 

Address field and the subnet mask in the Subnet Mask field.

 

 

 

 

Remote IP

From the pull-down menu, select the address or addresses that are part of the

 

 

VPN tunnel on the remote endpoint. The menu choices are the same as for the

 

 

Local IP pull-down menu (see above).

 

 

 

 

Manual Policy Parameters

 

Note: These fields apply only when you select Manual Policy as the policy type. When you specify the

 

settings for the fields in this section, a security association (SA) is created.

 

 

 

 

SPI-Incoming

The Security Parameters Index (SPI) for the inbound policy. Enter a hexadecimal

 

 

value between 3 and 8 characters (for example: 0x1234).

 

 

 

 

Encryption

From the pull-down menu, select one of the following five algorithms to negotiate

 

Algorithm

the security association (SA):

 

 

DES. Data Encryption Standard (DES)

 

 

3DES. Triple DES. This is the default algorithm.

 

 

AES-128. Advanced Encryption Standard (AES) with a 128-bits key size.

 

 

AES-192. AES with a 192-bits key size.

 

 

AES-256. AES with a 256-bits key size.

 

Key-In

The encryption key for he inbound policy. The length of the key depends on the

 

 

selected encryption algorithm:

 

 

• DES: enter 8 characters.

 

 

• 3DES: enter 24 characters.

 

 

AES-128: enter 16 characters.

 

 

AES-192: enter 24 characters.

 

 

AES-256: enter 32 characters.

 

 

 

 

Key-Out

The encryption key for he outbound policy. The length of the key depends on the

 

 

selected encryption algorithm. The required key lengths are the same as for the

 

 

Key-In (se above).

 

 

 

 

SPI-Outgoing

The Security Parameters Index (SPI) for the outbound policy. Enter a

 

 

hexadecimal value between 3 and 8 characters (for example: 0x1234).

 

 

 

 

 

 

5-28

Virtual Private Networking

v1.1, August 2010

Page 125 Page 127
Page 126
Image 126
NETGEAR FVS318G manual Traffic Selection, Manual Policy Parameters
Page 125 Page 127
Top Page Image Contents