EasyManuals Logo

peplink Pepwave MAX Series User Manual

peplink Pepwave MAX Series
424 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #176 background imageLoading...
Page #176 background image
Networks
Authentication
To access your VPN, clients will need to authenticate by your choice of methods.
Choose between the Preshared Key and X.509 Certificate methods of
authentication.
Mode
Choose Main Mode if both IPsec peers use static IP addresses. Choose
Aggressive Mode if one of the IPsec peers uses dynamic IP addresses.
Force UDP
Encapsulation
For forced UDP encapsulation regardless of NAT-traversal, tick this checkbox.
Pre-shared Key
This defines the peer authentication pre-shared key used to authenticate this
VPN connection. The connection will be up only if the pre-shared keys on each
side match.
Remote
Certificate (pem
encoded)
Available only when X.509 Certificat e is chosen as the Authentication method,
this field allows you to paste a valid X.509 certificate.
Local ID
In Main Mode , this field can be left blank. In Aggressive Mode , if Remote
Gateway IP Address is filled on this end and the peer end, this field can be left
blank. Otherwise, this field is typically a U-FQDN.
Remote ID
In Main Mode , this field can be left blank. In Aggressive Mode , if Remote
Gateway IP Address is filled on this end and the peer end, this field can be left
blank. Otherwise, this field is typically a U-FQDN.
Phase 1 (IKE)
Proposal
In Main Mode , this allows setting up to six encryption standards, in descending
order of priority, to be used in initial connection key negotiations. In Aggressive
Mode , only one selection is permitted.
Phase 1 DH
Group
This is the Diffie-Hellman group used within IKE. This allows two parties to
establish a shared secret over an insecure communications channel. The larger
the group number, the higher the security.
Group 2 : 1024-bit is the default value.
Group 5 : 1536-bit is the alternative option.
Phase 1 SA
Lifetime
This setting specifies the lifetime limit of this Phase 1 Security Association. By
default, it is set at 3600 seconds.
Phase 2 (ESP)
Proposal
In Main Mode , this allows setting up to six encryption standards, in descending
order of priority, to be used for the IP data that is being transferred. In
Aggressive Mode , only one selection is permitted.
Phase 2 PFS
Group
Perfect forward secrecy (PFS) ensures that if a key was compromised, the
attacker will be able to access only the data protected by that key.
None - Do not request for PFS when initiating connection. However, since there
is no valid reason to refuse PFS, the system will allow the connection to use
PFS if requested by the remote peer. This is the default value.
https://www.peplink.com
176
Copyright @ 2021 Peplink

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the peplink Pepwave MAX Series and is the answer not in the manual?

peplink Pepwave MAX Series Specifications

General IconGeneral
Brandpeplink
ModelPepwave MAX Series
CategoryWireless Router
LanguageEnglish

Related product manuals