ESP SPI

Broadband VPN Gateway User Guide

ESP Authentication Generally, you should enable ESP Authentication. There is little difference between the available algorithms. Just ensure each endpoint use the same setting.

The "In" key here must match the "Out" key on the remote VPN, and the "Out" key here must match the "In" key on the remote VPN.

Keys can be in ASCII or Hex (0 ~ 9 and A ~ F)

For MD5, the keys should be 32 hex/16 ASCII characters.

For SHA-1, the keys should be 40 hex/20 ASCII characters.

ESP SPI

This is required if either ESP Encryption or ESP Authentica-

 

tion is enabled.

 

Each SPI (Security Parameter Index) must be unique.

 

The "in" SPI here must match the "out" SPI on the remote

 

VPN, and the "out" SPI here must match the "in" SPI on the

 

remote VPN.

 

Each SPI should be at least 3 characters.

IKE (Internet Key Exchange)

Direction

Select the desired option:

 

Initiator - Only outgoing connections will be created. Incom-

 

ing connection attempts will be rejected.

 

Responder - Only incoming connections will be accepted.

 

Outgoing traffic which would otherwise result in a connection

 

will be ignored.

 

Both Directions - Both incoming and outgoing connections

 

are allowed.

 

 

Local ID Type

This setting must match the "Remote ID Type" on the remote VPN.

 

Select the desired option, and enter the required data in the "Local

 

Identity Data" field.

 

WAN IP Address - This is the most common method. If

 

selected, no input is required.

 

Fully Qualified Domain Name - enter the Domain Name

 

assigned to this device.

 

Fully Qualified User name - This name does not have to a

 

valid Internet Domain Name. E-mail addresses are often used

 

for this entry.

 

DER ANS.1 DN - This must be a DER ANS.1 Domain Name.

 

 

Remote ID Type

This setting must match the "Local ID Type" on the remote VPN.

 

Select the desired option, and enter the required data in the "Re-

 

mote ID Data" field.

 

Remote WAN IP - This is the most common method. If

 

selected, no input is required.

 

Fully Qualified Domain Name - enter the Domain Name

 

assigned to this device.

 

Fully Qualified User name - This name does not have to a

 

valid Internet Domain Name. E-mail addresses are often used

 

for this entry.

 

DER ANS.1 DN - This must be a DER ANS.1 Domain Name.

 

 

80

Page 84
Image 84
TRENDnet TW100-BRV324 Esp Spi, This is required if either ESP Encryption or ESP Authentica, tion is enabled, Direction

TW100-BRV324 specifications

The TRENDnet TW100-BRV324 is a versatile broadband router designed to provide small to medium-sized businesses with reliable networking capabilities. One of its key features is its built-in firewall security, which ensures robust protection against unauthorized access and threats from the internet. This appliance uses Stateful Packet Inspection (SPI), providing a comprehensive barrier against a variety of cyber threats.

Equipped with a DHCP server, the TW100-BRV324 simplifies IP address assignment, allowing administrators to manage network resources efficiently. The device supports both DHCP and static IP configurations, making it flexible for various network setups. Additionally, it offers VPN pass-through capabilities, allowing secure remote access for users needing to connect to the corporate network from outside.

The TW100-BRV324 is noted for its impressive NAT (Network Address Translation) capabilities, which enable multiple devices on a local network to access the internet through a single public IP address. This feature is particularly beneficial in saving costs related to IP addresses while enhancing network management. Furthermore, it boasts an integrated 4-port switch, facilitating wired connections for several devices in a local area network (LAN).

In terms of connectivity, the router supports 10/100 Mbps Ethernet, providing sufficient bandwidth for most small business applications. The device is also easy to set up, thanks to its user-friendly web-based interface, which guides users through the configuration process. This simplicity makes it suitable for individuals with varying levels of networking expertise.

The TW100-BRV324 supports multiple connection types, including DSL and cable internet, ensuring compatibility with various ISPs. Additionally, it embeds Quality of Service (QoS) features, allowing network administrators to prioritize traffic. This is crucial for ensuring that bandwidth-intensive applications, such as video conferencing and VoIP, receive the necessary resources for optimal performance.

In summary, the TRENDnet TW100-BRV324 is a robust and feature-rich router well-suited for small to medium-sized businesses. With its combination of security features, flexible configurations, and user-friendly management tools, it offers a powerful solution for those seeking reliable network performance without the need for extensive technical knowledge.