Chapter 3 Configuration

Connection Name: Give a name for this connection.

Local Network: Set the IP address, subnet or address range of the local network.

¤Single Address: The IP address of the local host.

¤Subnet: The subnet of the local network. For example, IP: 192.168.1.0 with netmask 255.255.255.0 specifies one class C subnet starting from 192.168.1.1.

¤IP Range: The IP address range of the local network. For example, IP: 192.168.1.1, end IP: 192.168.1.10

Remote Secure Gateway Address (or hostname): The IP address or hostname of remote VPN device that is connected and establishes a VPN tunnel.

Remote Network: Set the IP address, subnet or address range of the remote network.

Proposal: Select the IPSec security method. There are two methods to check the authentication information, AH (authentication header) and ESP (Encapsulating Security Payload). Check ESP for a higher security, data will be encrypted and authenticated. Check AH, data will be authenticated but not encrypted.

Authentication: Authentication establishes the integrity of datagram and ensures it is not tampered with in transmit. There are three options, Message Digest 5 (MD5), Secure Hash Algorithm (SHA-1) or NONE. SHA-1 is more resistant to brute-force attacks than MD5, but it is slower.

¤MD5: A one way hashing algorithm that produces a 128−bit hash.

¤SHA-1:A one way hashing algorithm that produces a 160−bit hash.

Encryption: Select the encryption method from the pull-down menu. There are four options, DES, 3DES, AES and NONE. The NONE means it is a tunnel only, no encryption. 3DES and AES are more powerful but increases latency.

59