Prestige 662H/HW Series User’s Guide
Table 150 Menu 27.1.1 IPSec Setup (continued)
FIELD | DESCRIPTION |
IP Addr Start | When the Addr Type field is configured to Single, enter a static IP address on the network behind the remote IPSec router. When the Addr Type field is configured to Range, enter the beginning (static) IP address in a range of computers on the network behind the remote IPSec router. When the Addr Type field is configured to SUBNET, enter a static IP address on the network behind the remote IPSec router. This field displays N/A when you configure the Secure Gateway Address field to 0.0.0.0. |
End/Subnet Mask | When the Addr Type field is configured to Single, this field is N/A. When the Addr Type field is configured to Range, enter the end (static) IP address in a range of computers on the network behind the remote IPSec router. When the Addr Type field is configured to SUBNET, enter a subnet mask on the network behind the remote IPSec router. This field displays N/A when you configure the Secure Gateway Address field to 0.0.0.0. |
Port Start | 0 is the default and signifies any port. Type a port number from 0 to 65535. Someone behind the remote IPSec router cannot create a VPN tunnel when attempting to connect using a port number that does not match this port number or range of port numbers. Some of the most common IP ports are: 21, FTP; 53, DNS; 23, Telnet; 80, HTTP; 25, SMTP; 110, POP3. |
End | Enter a port number in this field to define a port range. This port number must be greater than that specified in the previous field. This field is N/A when 0 is configured in the Port Start field. |
Enable Replay Detection | As a VPN setup is processing intensive, the system is vulnerable to Denial of Service (DoS) attacks. The IPSec receiver can detect and reject old or duplicate packets to protect against replay attacks. Enable replay detection by setting this field to Yes. Press [SPACE BAR] to select Yes or No. Choose Yes and press [ENTER] to enable replay detection. |
Key Management | Press [SPACE BAR] to choose either IKE or Manual and then press [ENTER]. Manual is useful for troubleshooting if you have problems using IKE key management. |
Edit Key Management Setup | Press [SPACE BAR] to change the default No to Yes and then press [ENTER] to go to a key management menu for configuring your key management setup (described later). If you set the Key Management field to IKE, this will take you to Menu 27.1.1.1 – IKE Setup. If you set the Key Management field to Manual, this will take you to Menu 27.1.1.2 – Manual Setup. |
When you have completed this menu, press [ENTER] at the prompt “Press ENTER to Confirm or ESC to Cancel:” to save your configuration, or press [ESC] at any time to cancel.
45.4 IKE Setup
To edit this menu, the Key Management field in Menu 27.1.1 – IPSec Setup must be set to IKE. Move the cursor to the Edit Key Management Setup field in Menu 27.1.1 – IPSec Setup; press [SPACE BAR] to select Yes and then press [ENTER] to display Menu 27.1.1.1 – IKE Setup.
Chapter 45 VPN/IPSec Setup