Draytek vigor2920 series User Manual page 287
Dual-wan security router
Hide thumbs
Also See for vigor2920 series:
- User manual (434 pages) ,
- User manual (40 pages) ,
- User manual (317 pages)
Table of Contents
Advertisement
GRE over IPSec
Settings
address of the remote dial-in user or peer ID (should be the
same with the ID setting in dial-in type) by checking the box.
Also, you should further specify the corresponding security
methods on the right side. If you uncheck the checkbox, the
connection type you select above will apply the authentication
methods and security methods in the general settings.
User Name - This field is applicable when you select PPTP or
L2TP with or without IPSec policy above. The maximum
length for both username is 11 characters.
Password - This field is applicable when you select PPTP or
L2TP with or without IPSec policy above. The maximum
length for both username is 11 characters.
VJ Compression - VJ Compression is used for TCP/IP
protocol header compression. This field is applicable when you
select PPTP or L2TP with or without IPSec policy above.
IKE Authentication Method - This group of fields is
applicable for IPSec Tunnels and L2TP with IPSec Policy
when you specify the IP address of the remote node. The only
exception is Digital Signature (X.509) can be set when you
select IPSec tunnel either with or without specify the IP
address of the remote node.
Pre-Shared Key - Check the box of Pre-Shared Key to invoke
this function and type in the required characters (1-63) as the
pre-shared key. Digital Signature (X.509) –Check the box of
Digital Signature to invoke this function and select one
predefined Profiles set in the VPN and Remote Access
>>IPSec Peer Identity.
Local ID – Specify which one will be inspected first.
Alternative Subject Name First – The alternative
subject name (configured in Certificate
Management>>Local Certificate) will be inspected
first.
Subject Name First – The subject name (configured in
Certificate Management>>Local Certificate) will be
inspected first.
IPSec Security Method - This group of fields is a must for
IPSec Tunnels and L2TP with IPSec Policy when you specify
the remote node.
Medium- Authentication Header (AH) means data will be
authenticated, but not be encrypted. By default, this option is
active.
High- Encapsulating Security Payload (ESP) means payload
(data) will be encrypted and authenticated. You may select
encryption algorithm from Data Encryption Standard (DES),
Triple DES (3DES), and AES.
Enable IPSec Dial-Out function GRE over IPSec: Check
this box to verify data and transmit data in encryption with
GRE over IPSec packet after configuring IPSec Dial-Out
setting. Both ends must match for each other by setting same
277
Vigor2920 Series User's Guide
Advertisement
Table of Contents
