IPsec parameters
Digi TransPort User Guide 396
IP Address
Use this IP address for the remote LAN subnet. This is usually the IP address of the peer’s
Ethernet interface or that of a specific device on the local subnet (such as a PC running a client
or host application).
Mask
Use this IP mask for the remote LAN subnet. The mask sets the range of IP addresses that will
be allowed to use the IPsec tunnel.
Remote Subnet ID
Normally used with L2TP/IPsec VPNs. When the router is in server mode and negotiating IPsec
from behind a NAT box, this parameter should be configured to the ID sent by the remote
Windows client (this is usually the computer name).
Use the following security on this tunnel
These settings define the security identities used on the IPsec tunnel.
Security type Description
Preshared Keys Requires that both IPsec peers share a secret key, or password,
that can be matched by and verified by both peers.
To configure the PSK, a user will need configuring that matches
the inbound ID of the remote peer and the PSK is configured
using the password parameter. This is done via
Configuration > Security > Users. The User configuration
serves a dual purpose, in that it may contain entries for normal
login access (such as HTTP, FTP or Telnet), and entries for IPsec
tunnels.
XAUTH Init Preshared Keys Used when the remote peer is a Cisco device using XAUTH and
PSK authentication.
RSA Signatures Select this option when the IPsec authentication will use X.509
certificates.
XAUTH Init RSA Used when the remote peer is a Cisco device using XAUTH and
X.509 certificates for authentication.
To Next Page
Loading...
