Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P v2

Key Management

IPSec uses the Internet Key Exchange (IKE) protocol to facilitate and automate the SA setup and the exchange of keys between parties transferring data. Using keys ensures that only the sender and receiver of a message can access it.

IPSec requires that keys be re-created, or refreshed, frequently, so that the parties can communicate securely with each other. IKE manages the process of refreshing keys; however, a user can control the key strength and the refresh frequency. Refreshing keys on a regular basis ensures data confidentiality between sender and receiver.

Understand the Process Before You Begin

This document provides case studies on how to configure secure IPSec VPN tunnels. This document assumes the reader has a working knowledge of NETGEAR management systems.

NETGEAR is a member of the VPN Consortium, a group formed to facilitate IPSec VPN vendor interoperability. The VPN Consortium has developed specific scenarios to aid system administrators in the often confusing process of connecting two different vendor implementations of the IPSec standard. The case studies in this appendix follow the addressing and configuration mechanics defined by the VPN Consortium. Additional information regarding inter-vendor

interoperability may be found at http://www.vpnc.org/interop.html.

It is a good idea to gather all the necessary information required to establish a VPN before you begin the configuration process. You should understand whether the firmware is up to date, all of the addresses that will be necessary, and all of the parameters that need to be set on both sides. Try to understand any incompatibilities before you begin, so that you minimize any potential complications which may arise from normal firewall or WAN processes.

If you are not a full-time system administrator, it is a good idea to familiarize yourself with the mechanics of a VPN. The brief description in this appendix will help. Other good sources include:

The NETGEAR VPN Tutorial – http://www.netgear.com/planetvpn/pvpn_2.html

The VPN Consortium – http://www.vpnc.org/

The VPN bibliography in “Additional Reading“ on page F-11.

F-6

Virtual Private Networking

201-10301-02, May 2005

Page 254
Image 254
NETGEAR FWG114P v2 manual Understand the Process Before You Begin, Key Management