ProSecure Unified Threat Management (UTM) Appliance Reference Manual

Table 7-10. Add IKE Policy Settings (continued)

Item

Description (or Subfield and Description)

 

 

 

 

Local

 

 

 

 

 

 

Select Local Gateway

For the dual-WAN port models only, select a radio button to specify the WAN1

(dual-WAN port

or WAN2 interface.

 

models only)

 

 

 

 

 

Identifier Type

From the pull-down menu, select one of the following ISAKMP identifiers to be

 

used by the UTM, and then specify the identifier in the field below:

 

Local WAN IP. The WAN IP address of the UTM. When you select this

 

option, the Identifier field automatically shows the IP address of the selected

 

WAN interface.

 

 

FQDN. The Internet address for the UTM.

 

User FQDN. The e-mail address for a local VPN client or the UTM.

 

DER ASN1 DN. A distinguished name (DN) that identifies the UTM in the

 

DER encoding and ASN.1 format.

 

Identifier

 

Depending on the selection of the Identifier Type pull-down

 

 

 

menu, enter the IP address, e-mail address, FQDN, or

 

 

 

distinguished name.

 

 

 

 

Remote

 

 

 

 

 

 

Identifier Type

From the pull-down menu, select one of the following ISAKMP identifiers to be

 

used by the remote endpoint, and then specify the identifier in the field below:

 

Local WAN IP. The WAN IP address of the remote endpoint. When you

 

select this option, the Identifier field automatically shows the IP address of

 

the selected WAN interface.

 

FQDN. The FQDN for a remote gateway.

 

User FQDN. The e-mail address for a remote VPN client or gateway.

 

DER ASN1 DN. A distinguished name (DN) that identifies the remote

 

endpoint in the DER encoding and ASN.1 format.

 

Identifier

 

Depending on the selection of the Identifier Type pull-down

 

 

 

menu, enter the IP address, e-mail address, FQDN, or

 

 

 

distinguished name.

 

 

 

 

IKE SA Parameters

 

 

 

 

 

 

Encryption Algorithm

From the pull-down menu, select one of the following five algorithms to

 

negotiate the security association (SA):

 

DES. Data Encryption Standard (DES)

 

3DES. Triple DES. This is the default algorithm.

 

AES-128. Advanced Encryption Standard (AES) with a 128-bits key size.

 

AES-192. AES with a 192-bits key size.

 

AES-256. AES with a 256-bits key size.

7-28

Virtual Private Networking Using IPsec Connections

v1.0, January 2010

Page 240
Image 240
NETGEAR UTM50-100NAS, UTM5-100NAS manual Local, Remote, IKE SA Parameters