Case Communications 6401 Rugged ADSL Router Manual – Rev 1.5
SECTION 5 – ADVANCED CONFIGURATION Page 5.65
5.16.4 CONFIGURATION EXAMPLES
Example 1 – Connection to a PIX Firewall
Cisco default tunnel type
Remote IPSec gateway Address: IP address of the Cisco PIX WAN port
Tunnel Access from local IP address: Use subnet to allow equipment connected to the routers to talk over the IPSec tunnel
Local VPN IP address, use this as default gateway for equipment
Tunnel Access from remote IP address: Use subnet to allow equipment connected to a Cisco PIX to talk over the IPSec tunnel
Type in the secure PSK that the Cisco also uses
send a proposal containing encryption methods used
DES, 3DES, AES-128, AES-192 or AES-256
MD5 (default), SHA1 (SHA1 used by Cisco PIX)
Select Diffie-Hellman Group: 768bit, 1024bit, 1536bit, 2048bit, 3072bit, 4096bit, 6144bit or 8192bit
determines when a new key is generated – see below.
Phase 2 Encryption Algorithm
Select Diffie-Hellman Group
Key Life Time (60 – 3,000,000): 60 seconds to nearly 35 days
Time before tunnel is broken and re-established using a new key. NB. Every tunnel break removes the users.
Example 2 – Manual Key Exchange Method
Cisco default tunnel type
Remote IPSec gateway Address: IP address of the Cisco PIX WAN port
Tunnel Access from local IP address: Use subnet to allow equipment connected to the routers to talk over the IPSec tunnel
Local VPN IP address, use this as default gateway for equipment
Tunnel Access from remote IP address: Use subnet to allow equipment connected to the Cisco to talk over the IPSec tunnel
Options – DES, 3DES or AES
16 digit DES Key (48 for 3DES)
1234567890abcdef1234567890abcdef
32 digit MD5 key (40 for SHA1)
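
Added example (not part of the Case Communications manual): a pre-deployment check of the settings in Examples 1 and 2, covering manual key lengths, the Key Life Time range and weak option choices. The dictionary layout and field names are hypothetical, the 48-digit figure is read as the 3DES key length, and the list of legacy options is this example's assumption rather than the manual's.

```python
import string

# Hex-digit counts for manual keys, as given in Example 2 of the manual
# (48 is taken to be the 3DES key length, i.e. 192 bits).
ENC_KEY_HEX = {"DES": 16, "3DES": 48}
AUTH_KEY_HEX = {"MD5": 32, "SHA1": 40}
LIFETIME_RANGE = (60, 3_000_000)  # Key Life Time in seconds, from Example 1
# Assumption of this example (not from the manual): options treated as legacy.
LEGACY = {"DES", "MD5", "768bit", "1024bit"}
# The sample key printed in the manual; a published key must never be deployed.
MANUAL_SAMPLE_KEY = "1234567890abcdef1234567890abcdef"

def check_hex_key(label, key, expected_len):
    """Return a list of problems found in one manual key."""
    problems = []
    if any(c not in string.hexdigits for c in key):
        problems.append(f"{label}: contains non-hex characters")
    if len(key) != expected_len:
        problems.append(f"{label}: {len(key)} hex digits, expected {expected_len}")
    if key.lower() == MANUAL_SAMPLE_KEY:
        problems.append(f"{label}: is the sample key printed in the manual")
    return problems

def audit_tunnel(cfg):
    """Audit a hypothetical dict describing one tunnel; return findings."""
    findings = []
    for field in ("encryption", "integrity", "dh_group"):
        if cfg.get(field) in LEGACY:
            findings.append(f"{field}: {cfg[field]} is a legacy option")
    life = cfg.get("key_life_time")
    if life is not None and not LIFETIME_RANGE[0] <= life <= LIFETIME_RANGE[1]:
        findings.append(f"key_life_time: {life} s outside 60-3,000,000")
    if cfg.get("mode") == "manual":
        enc, auth = cfg["encryption"], cfg["integrity"]
        if enc in ENC_KEY_HEX:  # the manual gives no AES key length, so AES is skipped
            findings += check_hex_key("encryption key", cfg["enc_key"], ENC_KEY_HEX[enc])
        findings += check_hex_key("authentication key", cfg["auth_key"], AUTH_KEY_HEX[auth])
    return findings

# Constructed sample configurations (not taken from a real device).
MANUAL_CFG = {"mode": "manual", "encryption": "3DES", "integrity": "MD5",
              "enc_key": "0f" * 8, "auth_key": MANUAL_SAMPLE_KEY}
IKE_CFG = {"mode": "ike", "encryption": "AES-256", "integrity": "SHA1",
           "dh_group": "2048bit", "key_life_time": 3600}

if __name__ == "__main__":
    for name, cfg in (("manual", MANUAL_CFG), ("ike", IKE_CFG)):
        print(name, audit_tunnel(cfg) or "no findings")
```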