Table of Contents
Advertisement
230
through the Internet. You can select to use L2TP alone or
with IPsec. Select from below:
None: Do not apply the IPsec policy. Accordingly, the
VPN connection employed the L2TP without IPsec
policy can be viewed as one pure L2TP connection.
Nice to Have: Apply the IPsec policy first, if it is
applicable during negotiation. Otherwise, the dial-out
VPN connection becomes one pure L2TP connection.
Must: Specify the IPsec policy to be definitely applied
on the L2TP connection.
User Name - This field is applicable when you select, PPTP or
L2TP with or without IPsec policy above. The length of the
name is limited to 49 characters.
Password - This field is applicable when you select PPTP or
L2TP with or without IPsec policy above. The length of the
password is limited to 15 characters.
PPP Authentication - This field is applicable when you
select, PPTP or L2TP with or without IPSec policy above.
PAP/CHAP/MS-CHAP/MS-CHAPv2 is the most common
selection due to compatibility.
VJ compression - This field is applicable when you select
PPTP or L2TP with or without IPsec policy above. VJ
Compression is used for TCP/IP protocol header compression.
Normally set to On to improve bandwidth utilization.
IKE Authentication Method - This group of fields is
applicable for IPsec Tunnels and L2TP with IPsec Policy.
Pre-Shared Key - Input 1-63 characters as pre-shared
key.
Digital Signature (X.509) - Select one predefined
Profiles set in the VPN and Remote Access >>IPsec
Peer Identity.
Peer ID - Select one of the predefined Profiles set in
VPN and Remote Access >>IPsec Peer Identity.
Local ID – Specify a local ID (Alternative Subject Name
First or Subject Name First) to be used for Dial-in
setting in the LAN-to-LAN Profile setup. This item is
optional and can be used only in IKE aggressive mode.
Local Certificate – Select one of the profiles set in
Certificate Management>>Local Certificate.
IPsec Security Method - This group of fields is a must for
IPsec Tunnels and L2TP with IPsec Policy.
Medium AH (Authentication Header) means data will
be authenticated, but not be encrypted. By default,
this option is active.
High (ESP-Encapsulating Security Payload)- means
payload (data) will be encrypted and authenticated.
Select from below:
DES without Authentication -Use DES encryption
algorithm and not apply any authentication scheme.
DES with Authentication-Use DES encryption algorithm
and apply MD5 or SHA-1 authentication algorithm.
3DES without Authentication-Use triple DES
encryption algorithm and not apply any authentication
scheme.
3DES with Authentication-Use triple DES encryption
algorithm and apply MD5 or SHA-1 authentication
Vigor3220 Series User's Guide
Advertisement
Table of Contents
