Administration
NB2800 NetModule Router
Hostname NB2800
Software Version 4.6.0.100
© 2004-2021, NetModule AG
OpenVPN
Administration
Tunnel Configuration
IPsec
Administration
Tunnel Configuration
PPTP
Administration
Tunnel Configuration
GRE
Administration
Tunnel Configuration
L2TP
Administration
Tunnel Configuration
IPsec Administration
IPsec administrative status:
enabled
disabled
Propose NAT traversal:
Enable IKEv2 Make-before-Break:
Restart on link change:
HOME INTERFACES ROUTING FIREWALL VPN SERVICES SYSTEM
LOGOUT
Figure 6.36.: IPsec Administration
This page can be used to enable/disable IPsec, you may also specify whether NAT-Traversal and IKEv2
Make-before-break should be used.
NAT-Traversal is mainly used for connections which traverse a path where a router modifies the IP
address/port of packets. It encapsulates packets in UDP and therefore requires a slight overhead
which has to be taken into account when running over small-sized MTU interfaces.
Please note that running NAT-Traversal makes IKE using UDP port 4500 rather than 500 which has to
be taken into account when setting up firewall rules.
Make-before-break is an IKEv2 option used to optimize the necessary regular reauthentification by
creating an overlapping SA (=make) before deleting the currently used SA (=break). This way, the
interruption of the data stream is minimized. Both peers have to be able to handle overlapping SAs to
use this option.
NB1601 118 User Manual for NRSW version 4.8.0.103
To Next Page
Loading...
