![](/images/new-backgrounds/1110805/11080589x1.webp)
| Configuring AirLink Helix | |
|
|
|
|
|
|
Command | Description |
|
|
|
|
Perfect Forward | Yes or No. Provides additional security through a DH shared secret value. When this |
|
Secrecy | feature is enabled, one key cannot be derived from another. This ensures previous and |
|
| subsequent encryption keys are secure even if one key is compromised. |
|
|
|
|
IPSec Key Group | DH1, DH2, or DH5. Determines how the Helix VPN creates an SA with the VPN server. The |
|
| DH |
|
| authentication. Helix supports three prime key lengths, including Group 1 (768 bits), Group |
|
| 2 (1,024 bits), and Group 5 (1,536 bits). |
|
|
|
|
IPSec SA Life Time | 180 to 86400. Determines how long the VPN tunnel is active in seconds. The default value |
|
| is 28,800 seconds, or 8 hours. |
|
|
|
|
| VPN 2 | |
| The Helix can act as a Generic Routing Encapsulation (GRE) endpoint, providing | |
| a means to encapsulate a wide variety of network layer packets inside IP | |
| tunneling packets. With this feature you can reconfigure IP architectures without | |
| worrying about connectivity. GRE creates a | |
| an IP network. | |
| The VPN 2 section allows configuration of the GRE tunnel on the Helix box. |
Figure 8-2: ACEmanager: VPN 2 - VPN/IPSec
Figure 8-3: ACEmanager: VPN 2 - VPN/IPSec - GRE Tunnel
Command | Description |
|
|
VPN 2 Type | Tunnel Disabled or GRE Tunnel. Enabling the GRE Tunnel will expose other options for |
| configuring the tunnel. |
|
|
VPN Status | Disabled, Connected or Not Connected. Indicates the status of the GRE tunnel on the Helix |
| box. |
|
|
VPN Gateway | The IP address of the device that this client connects to. This IP address must be open to |
Address | connections from the Helix Box. |
|
|
Rev 3.0D May.10 | 39 |