Field Description
• ASN.1 DN (Distinguished Name)
Local ID Value Enter the ID of your device.
For Authentication Method = DSA Signature, RSA Signa-
ture or RSA Encryption or Standard, the Use Subject-
name from Certificate option is shown.
If you enable the Use Subject Name from certificate option,
the first alternative subject name indicated in the certificate is
used, or, if none is specified, the subject name of the certificate
is used.
Note: If you use certificates for authentication and your certific-
ate contains alternative subject names (see Certificates on
page 263), you must make sure your device selects the first al-
ternative subject name by default. Make sure you and your peer
both use the same name, i.e. that your local ID and the peer ID
your partner configures for you are identical.
Alive Check
During communication between two IPSec peers, one of the peers may become unavail-
able, e.g. due to routing problems or a reboot. However, this can only be detected when
the end of the lifetime of the security connection is reached. Up until this point the data
packets are lost. These are various methods of performing an alive check to prevent this
happening. In the Alive Check field you can specify whether a method should be used to
check the availability of a peer.
Two methods are available: Heartbeats and Dead Peer Detection.
The Advanced Settingsmenu consists of the following fields:
Fields in the menu Advanced Settings
Field Description
Alive Check Select the method to be used to check the functionality of the
IPSec connection.
In addition to the default method Dead Peer Detection (DPD),
the (proprietary) Heartbeat method is implemented. This sends
and receives signals every 5 seconds, depending on the config-
uration. If these signals are not received after 20 seconds, the
SA is discarded as invalid.
14 VPN Funkwerk Enterprise Communications GmbH
232 bintec W1002/W1002n/W2002/WIx040/WIx065
To Next Page
Loading...
Need help?
General
