Chapter 3
Configuration via Local Pages
IPSec Security The IPSec Security Descriptor bundles the security parameters used for the Phase 2 Descriptor Security Association.
A number of IPSec Security Descriptors are
For example, the
Parameter | Value for AES_MD5_TUN |
|
|
Cryptographic function | AES |
|
|
Hash function | |
|
|
Use of Perfect Forward Secrecy | no |
|
|
IPSec SA lifetime in seconds. | 86400 seconds (= 24 hours) |
|
|
IPSec SA volume lifetime in kbytes. | no volume limit |
|
|
The ESP encapsulation mode | tunnel |
|
|
The contents of the IPSec Security Descriptors can be verified via
Advanced > Connections > Security Descriptors.
Exchange Mode IKE specifies two modes of operation for the Phase 1 negotiations: main mode and aggressive mode. Main mode is more secure while aggressive mode is quicker.
Server Vendor The SpeedTouch™ can interact with VPN servers of various vendors. Because some vendors implement proprietary features, it is required to select the server vendor. The vendor specific features are reflected in the parameters required to dial in to the VPN server. This is explained in more detail below.
Following vendors can be selected:
Select ... | when ... |
|
|
generic | the VPN server is either a SpeedTouch™ or is unknown. |
| You need to specify your |
| procedure (see “ Set of Server Vendor specific |
| parameters” on page 58). |
|
|
Cisco | you connect to a Cisco VPN server. Cisco requires a |
| Group ID to be specified for the VPN clients (see “ Set of |
| Server Vendor specific parameters” on page 58). |
|
|
Nortel | you connect to a Nortel VPN server. |
|
|
54 | |
|
