User’s Manual
42
Connection type Figure 3-32
Name: Indicates the connection name, must be unique.
Enabled: If enabled, the connection will send tunnel connection request when it is
reboot or re-connection.
Local WAN Interface: Local address of the tunnel.
Peer WAN address: Peer IP or domain name. If the server function of tunnel mode
is used, leave this option blank.
Local ID: The local identification of the channel, which can be IP or domain name.
Peer ID: Peer identification of the channel, which can be IP and domain name.
Configure DPD detection. Step 6
1) Enable DPD detection.
2) Set time interval, timeout and action.
Enable advanced settings, including IKE and ESP. Step 7
After the advanced settings are enabled, you can configure parameters of Phase 1
and Phase 2, otherwise, it will be automatically negotiated with the peer.
Table 3-24 Parameter description of advanced settings
The following IKE encryption modes are available: AES (256
bit), AES (192 bit), AES (128 bit), 3DES and DES.
The following IKE integrity solutions are available: MD5, SHA1,
SHA2 (256) and SHA2 (512).
Set IKE lifetime, expressed by hour, and the default value is 0.
The following ESP encryption modes are available: SHA2
(512), SHA2 (256), SHA1, MD5 and MD5-96.
The following ESP integrity solutions are available: MD5,
SHA1, SHA2 (256) and SHA2 (512).
Set ESP keylife, expressed by hour, and the default value is 0.
IKE aggressive mode allowed
Select to adopt aggressive mode, otherwise, adopt main mode.
Perfect Forward Secrecy
(PFS)
Set whether to enable PFS.
Select an authentication method. Use a pre-shared key or generate and use the X.509 Step 8
certificate. Currently only a pre-shared key is supported.
To Next Page
Loading...