Configuring Virtual Private Networking (VPN) Configure Internet Protocol security (IPsec)
Digi TransPort® Routers User Guide
477
RSA Key File
Overrides the private key filename in the IKE configuration. Use only when the authentication
stage of the IKE negotiation uses RSA Signatures (Certificates).
Use enc encryption on this tunnel
The ESP encryption protocol to use with this IPsec tunnel. The options are:
n None
n Null
n DES
n 3DES
n AES (128 bit keys)
n AES (192 bit keys)
n AES (256 bit keys)
If the dropdown options only display None and Null, the router requires encryption enabling.
See your Digi sales contact regarding enabling encryption.
Use auth authentication on this tunnel
The ESP authentication algorithm to use with this IPsec tunnel. The options are:
n None
n MD5
n SHA1
Use Diffie Hellman group
The Diffie Hellman (DH) group to use when negotiating new IPsec SAs. If enabled, the IPsec SA
keys cannot be predicted from any of the previous keys generated. The options are
NoPFS, 1, 2, or 3. The larger values result in stronger keys, but they take longer to generate.
Use IKE n to negotiate this tunnel
The IKE version to use to negotiate this IPsec tunnel.
Use IKE configuration
The IKE configuration instance to use with this Eroute when the router is configured as an
Initiator.
Bring this tunnel up
Controls how the IPsec tunnel is brought up. The options are:
n All the time
n Whenever a route to the destination is available
n On demand
If the tunnel is down and a packet is ready to be sent
Defines the action that is performed when the IPsec tunnel is down and a packet needs to be
sent. The options are:
To Next Page
Loading...
