Prestige 2602H/HW Series User’s Guide
Table 74 VPN: Manual Key
LABEL | DESCRIPTION |
|
|
IPSec Setup |
|
|
|
Active | Select this check box to activate this VPN policy. |
|
|
Name | Type up to 32 characters to identify this VPN policy. You may use any character, |
| including spaces, but the Prestige drops trailing spaces. |
IPSec Key Mode | Select IKE or Manual from the |
| troubleshooting if you have problems using IKE key management. |
SPI | Type a number (base 10) from 1 to 999999 for the Security Parameter Index. |
|
|
Encapsulation | Select Tunnel mode or Transport mode from the |
Mode |
|
DNS Server (for | If there is a private DNS server that services the VPN, type its IP address here. |
IPSec VPN) | The Prestige assigns this additional DNS server to the Prestige 's DHCP clients |
| that have IP addresses in this IPSec rule's range of local addresses. |
| A DNS server allows clients on the VPN to find other computers and servers on |
| the VPN by their (private) domain names. |
Local | Local IP addresses must be static and correspond to the remote IPSec router's |
| configured remote IP addresses. |
| Two active SAs cannot have the local and remote IP address(es) both the same. |
| Two active SAs can have the same local or remote IP address, but not both. You |
| can configure multiple SAs between the same local and remote IP addresses, as |
| long as only one is active at any time. |
Local Address Type | Use the |
| a single IP address. Select Range for a specific range of IP addresses. Select |
| Subnet to specify IP addresses on a network by their subnet mask. |
IP Address Start | When the Local Address Type field is configured to Single, enter a (static) IP |
| address on the LAN behind your Prestige. When the Local Address Type field is |
| configured to Range, enter the beginning (static) IP address, in a range of |
| computers on your LAN behind your Prestige. When the Local Address Type |
| field is configured to Subnet, this is a (static) IP address on the LAN behind your |
| Prestige. |
End / Subnet Mask | When the Local Address Type field is configured to Single, this field is N/A. |
| When the Local Address Type field is configured to Range, enter the end (static) |
| IP address, in a range of computers on the LAN behind your Prestige. When the |
| Local Address Type field is configured to Subnet, this is a subnet mask on the |
| LAN behind your Prestige. |
Remote | Remote IP addresses must be static and correspond to the remote IPSec router's |
| configured local IP addresses. |
| Two active SAs cannot have the local and remote IP address(es) both the same. |
| Two active SAs can have the same local or remote IP address, but not both. You |
| can configure multiple SAs between the same local and remote IP addresses, as |
| long as only one is active at any time. |
Remote Address | Use the |
Type | with a single IP address. Select Range for a specific range of IP addresses. |
| Select Subnet to specify IP addresses on a network by their subnet mask. |
IP Address Start | When the Remote Address Type field is configured to Single, enter a (static) IP |
| address on the network behind the remote IPSec router. When the Remote |
| Address Type field is configured to Range, enter the beginning (static) IP |
| address, in a range of computers on the network behind the remote IPSec router. |
| When the Remote Address Type field is configured to Subnet, enter a (static) IP |
| address on the network behind the remote IPSec router. |
Chapter 17 VPN Screens | 233 |