Prestige 2602HW Series User’s Guide

 

Table 133 Menu 27.1 IPSec Summary (continued)

 

 

 

 

FIELD

DESCRIPTION

 

 

 

 

A

Y signifies that this VPN rule is active.

 

 

 

 

Local Addr

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Single, this is a

 

Start

static IP address on the LAN behind your Prestige.

 

 

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Range, this is

 

 

the beginning (static) IP address, in a range of computers on the LAN behind your

 

 

Prestige.

 

 

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to SUBNET, this

 

 

is a static IP address on the LAN behind your Prestige.

 

Addr End /

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Single, this is

 

Mask

the same (static) IP address as in the Local Addr Start field.

 

 

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Range, this is

 

 

the end (static) IP address, in a range of computers on the LAN behind your Prestige.

 

 

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to SUBNET, this

 

 

is a subnet mask on the LAN behind your Prestige.

 

Encap

This field displays Tunnel mode or Transport mode. See earlier for a discussion of

 

 

these. You need to finish configuring the VPN policy in menu 27.1.1.1 or 27.1.1.2 if ???

 

 

is displayed.

 

IPSec

This field displays the security protocols used for an SA. ESP provides confidentiality

 

Algorithm

and integrity of data by encrypting the data and encapsulating it into IP packets.

 

 

Encryption methods include 56-bit DES and 168-bit 3DES. NULL denotes a tunnel

 

 

without encryption.168-bit 3DES and 128-bit AES. NULL denotes a tunnel without

 

 

encryption.

 

 

AH (Authentication Header) provides strong integrity and authentication by adding

 

 

authentication information to IP packets. This authentication information is calculated

 

 

using header and payload data in the IP packet. This provides an additional level of

 

 

security. AH choices are MD5 (default - 128 bits) and SHA -1(160 bits).

 

 

Both AH and ESP increase the Prestige’s processing requirements and

 

 

communications latency (delay).

 

 

You need to finish configuring the VPN policy in menu 27.1.1.1 or 27.1.1.2 if ??? is

 

 

displayed.

 

Key Mgt

This field displays the SA’s type of key management, (IKE or Manual).

 

 

 

 

Remote Addr

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Single, this is a

 

Start

static IP address on the network behind the remote IPSec router.

 

 

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Range, this is

 

 

the beginning (static) IP address, in a range of computers on the network behind the

 

 

remote IPSec router.

 

 

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to SUBNET, this

 

 

is a static IP address on the network behind the remote IPSec router.

 

 

This field displays N/A when you configure the Secure Gateway Address field in SMT

 

 

27.1.1 to 0.0.0.0.

 

Addr End /

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Single, this is

 

Mask

the same (static) IP address as in the Remote Addr Start field.

 

 

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to Range, this is

 

 

the end (static) IP address, in a range of computers on the network behind the remote

 

 

IPSec router.

 

 

When the Addr Type field in Menu 27.1.1 IPSec Setup is configured to SUBNET, this

 

 

is a subnet mask on the network behind the remote IPSec router.

 

 

This field displays N/A when you configure the Secure Gateway Address field in SMT

 

 

27.1.1 to 0.0.0.0.

Chapter 42 VPN/IPSec Setup

405