Wireless-G ADSL Gateway

To use manual key management, select Manual, enter authentication and encryption keys (these must be identical to those entered at the remote end), and enter inbound and outbound SPIs (security parameter indexes). The SPIs must be exactly complementary to those entered at the remote end.

When you select automatic key management, an Advanced Settings button appears. Click this button if there are special requirements for this IPSec tunnel. The Advanced IPSec VPN Tunnel Setup window will appear. (Help for this window can be displayed by clicking More on the right side of the VPN panel.)

In this window you can set parameters for IKE phases 1 and 2, and other settings. Phase 1 is when the two ends negotiate parameters for key exchange; phase 2 is when they negotiate parameters for data exchange.

Operation mode: Key exchange parameters can be negotiated in Main mode, which is more secure, or Aggressive mode, which is quicker. The Gateway will accept requests in either mode, but some gateways and clients will accept requests only in the mode specified by the user.

Proposal 1: A proposal is a set of parameters that the initiator sends and the responder examines for acceptability. You can specify encryption and authentication algorithms, Diffie-Hellman group, and key lifetime for the first proposal.

Phase 2 Proposal: Select the desired Diffie-Hellman group, 768-bit or 1024-bit.

Other Settings

NAT Traversal: Enable this feature if the machine or machines being accessed through the tunnel stand behind a NAT (Network Address Translation) server.

NetBIOS broadcast: Enable this feature if the local network does not include a WINS server and the remote machine or machines will need to find local machines by their NetBIOS (Windows Networking) names.

Anti-replay: Packets sent through an IPSec tunnel carry sequence numbers that let the receiver detect whether a substitution has occurred. You can enable this function for greater security.

Keep-alive: This feature, enabled by default, makes the Gateway check the tunnel connection periodically and attempt to re-establish it if it goes down.

If IKE failed . . . : IKE failure may signify an unwanted intrusion attempt. You can set a limit on the number of consecutive failed requests that the Gateway will allow from the same IP address, and the amount of time that the Gateway will ignore further requests from that address.
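The failure limit described above, modelled as an added example (not the Gateway's own logic): a per-address counter of consecutive IKE failures with a timed ignore period. The thresholds, the choice to block on the failure that reaches the limit, the names, and the constructed events (documentation-range addresses) are assumptions.

```python
class IkeFailureLimiter:
    """Ignore an address after too many consecutive failed IKE requests."""

    def __init__(self, max_failures=3, block_seconds=60):
        self.max_failures = max_failures
        self.block_seconds = block_seconds
        self.failures = {}        # ip -> consecutive failure count
        self.blocked_until = {}   # ip -> time at which the block ends

    def allowed(self, ip, now):
        until = self.blocked_until.get(ip)
        if until is not None and now < until:
            return False                      # still inside the ignore period
        self.blocked_until.pop(ip, None)      # block expired (or never set)
        return True

    def record(self, ip, success, now):
        if success:
            self.failures.pop(ip, None)       # a success ends the "consecutive" run
            return
        count = self.failures.get(ip, 0) + 1
        if count >= self.max_failures:
            self.blocked_until[ip] = now + self.block_seconds
            self.failures.pop(ip, None)       # start counting afresh after the block
        else:
            self.failures[ip] = count


def replay_events(events, limiter):
    """Feed (time, ip, ike_succeeded) tuples through the limiter."""
    out = []
    for now, ip, ok in events:
        if not limiter.allowed(ip, now):
            out.append((now, ip, "ignored"))  # request is not processed at all
            continue
        limiter.record(ip, ok, now)
        out.append((now, ip, "ok" if ok else "failed"))
    return out


# Constructed sample: one peer fails three times in a row, another fails once.
EVENTS = [
    (0, "192.0.2.10", False), (1, "192.0.2.10", False),
    (2, "198.51.100.7", False), (3, "192.0.2.10", False),
    (10, "192.0.2.10", True), (20, "198.51.100.7", True),
    (63, "192.0.2.10", True),
]

if __name__ == "__main__":
    for row in replay_events(EVENTS, IkeFailureLimiter()):
        print(row)
```

A block also ignores valid requests from the same address until it expires, which is what the request at t=10 in the sample shows.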

When finished making changes in this panel, click the Save Settings button to save your changes, or click Cancel Changes to undo the changes. Use the VPN panel’s Connect and View Logs buttons to test the tunnel.

Chapter 5: Configuring the Wireless-G ADSL Gateway

Figure 5-29: Advanced IPSec Settings

Figure 5-30: VPN Log


The Security Tab


WAG54G specifications

Nortel Networks WAG54G is a robust and versatile wireless access gateway that has made significant strides in providing seamless connectivity for both home and small business environments. Designed with the intention of integrating both wired and wireless networking, this device bridges the gap between traditional Ethernet connections and the burgeoning needs of modern wireless communication.

One of the key features of the WAG54G is its ability to deliver high-speed Internet access through multiple protocols, including ADSL and DSL. This flexibility allows users to enjoy fast Internet speeds while simultaneously managing their internal network. The device is equipped with advanced Quality of Service (QoS) features that prioritize traffic, ensuring that critical applications receive the necessary bandwidth for optimal performance.

The WAG54G is powered by advanced 802.11g wireless technology, which offers wireless data rates of up to 54 Mbps. This enables users to stream videos, make VoIP calls, and engage in online gaming without significant lag, enhancing the overall user experience. The device supports a range of wireless security protocols, including WEP, WPA, and WPA2 encryption, ensuring that user data remains secure from potential threats and unauthorized access.

Another noteworthy characteristic of the WAG54G is its straightforward setup process. The unit comes with a user-friendly web interface that simplifies configuration, allowing users to customize their network settings with ease. The WAG54G also features multiple Ethernet ports for wired connections, making it an ideal solution for homes and offices with multiple devices requiring stable Internet connectivity.

In addition to its core functionalities, the WAG54G supports features such as network address translation (NAT) and a built-in firewall that enhances security while allowing multiple devices to share a single Internet connection. The device also incorporates features like DHCP server capabilities and UPnP support, streamlining network management.

Overall, Nortel Networks WAG54G delivers a compelling mix of performance, security, and manageability. Its combination of wired and wireless capabilities, alongside robust security measures, makes it suitable for various networking needs in today’s digital landscape. Users can count on the WAG54G to provide a reliable and efficient solution that supports the demands of modern Internet usage.