Motorola WiNG 5.5 - Page 194

Motorola WiNG 5.5

954 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

5 - 108 WiNG 5.5 Access Point System Reference Guide

8. Select + Add Row to define the network address of a target peer and its security settings.

9. Select OK to save the changes made within the IKE Policy screen. Select Reset to revert to the last saved configuration.

Select the Delete Row icon to remove a peer configuration.

10. Select the Peer Configuration tab to assign additional network address and IKE settings to the an intended VPN tunnel

peer destination.

Figure 5-62 Profile Security - VPN Peer Destination screen (IKEv1 example)

Mode If using IKEv1, use the drop-down menu to define the IKE mode as either Main or

Aggressive. IPSEC has two modes in IKEv1 for key exchanges. Aggressive mode

requires 3 messages be exchanged between the IPSEC peers to setup the SA, Main

requires 6 messages. The default setting is Main.

DPD Retries Use the spinner control to set the maximum number of keep alive messages sent before

a VPN tunnel connection is defined as dead. The available range is from 1 - 100. The

default setting is 5.

IKE LifeTime Set the lifetime defining how long a connection (encryption/authentication keys) should

last from successful key negotiation to expiration. Set this value in either Seconds (600

- 86,400), Minutes (10 - 1,440), Hours (1 - 24) or Days (1). This setting is required for both

IKEv1 and IKEV2.

Name If creating a new IKE policy, assign the target peer (tunnel destination) a 32 character

maximum name to distinguish it from others with a similar configuration.

DH Group Use the drop-down menu to define a Diffie-Hellman (DH) identifier used by the VPN

peers to derive a shared secret password without having to transmit. DH groups

determine the strength of the key used in key exchanges. The higher the group number,

the stronger and more secure the key. Options include 2, 5 and 14. The default setting

is 5.

Encryption Select an encryption method used by the tunnelled peers to securely interoperate.

Options include 3DES, AES, AES-192 and AES-256. The default setting is AES-256.

Authentication Select an authentication hash algorithm used by the peers to exchange credential

information. Options include SHA and MD5. The default setting is SHA.

Table of Contents

Related product manuals

Preview: Motorola WiNG 5.6

Motorola WiNG 5.6

Preview: Motorola AP6532

Motorola AP6532

Preview: Motorola AP6522

Motorola AP6522

Preview: Motorola AP-8132

Motorola AP-8132

Preview: Motorola AP-7131

Motorola AP-7131

Preview: Motorola AP-7532

Motorola AP-7532

Preview: Motorola AP-51XX

Motorola AP-51XX

Motorola AP-0622

Preview: Motorola AP-621 Series

Motorola AP-621 Series

Preview: Motorola AP-7131 Series

Motorola AP-7131 Series

Preview: Motorola AP-6521 Series

Motorola AP-6521 Series

Preview: Motorola NCAP-500 Series

Motorola NCAP-500 Series