Netopia 4000-Series manual About IPsec Tunnels, IP Profile Parameters screen appears

Virtual Private Networks (VPNs) 4-7

The IP Profile Parameters screen appears.

IP Profile Parameters

■Enter the Remote IP Address and Remote IP Mask for the host to which you want to tunnel.

About IPsec Tunnels

IPsec stands for IP Security, a set of protocols that supports secure exchange of IP packets at the IP layer. IPsec is deployed widely to implement Virtual Private Networks (VPNs). See "Overview" on page 4-1for more information.

IPsec supports two encryption modes: Transport and Tunnel. Transport mode encrypts only the data portion (payload) of each packet, but leaves the header untouched. The more secure Tunnel mode encrypts both the header and the payload. On the receiving side, an IPsec-compliant device decrypts each packet. Netopia Routers support the more secure Tunnel mode.

Netopia Firmware Version 5.4 offers IPsec 3DES encryption over the VPN tunnel. DES stands for Data Encryption Standard, a popular symmetric-key encryption method. DES uses a 56-bit key. Netopia Routers offer IPsec 3DES (triple DES) encryption as a standard option. Some models support built-in hardware acceleration of 3DES encryption at line speeds.

Internet Key Exchange (IKE) is an authentication and encryption key management protocol used in conjunction with the IPsec standard. IPsec key management offers a wide variety of options which are explained in Chapter 5, “Internet Key Exchange (IKE) IPsec Key Management for VPNs.”