Table of Contents
Advertisement
Prestige 652 ADSL Security Router
FIELD
End Enter a port number in this field to define a port range. This port number
must be greater than that specified in the previous field. This field is N/A
when 0 is configured in the Port Start field.
Enable Replay
As a VPN setup is processing intensive, the system is vulnerable to Denial
Detection
of Service (DoS) attacks The IPSec receiver can detect and reject old or
duplicate packets to protect against replay attacks. Enable replay detection
by setting this field to Yes.
Press [SPACE BAR] to select Yes or No. Choose Yes and press [ENTER]
to enable replay detection.
Key
Press [SPACE BAR] to choose either IKE or Manual and then press
[ENTER]. Manual is useful for troubleshooting if you have problems using
Management
IKE key management.
Edit Key
Press [SPACE BAR] to change the default No to Yes and then press
Management
[ENTER] to go to a key management menu for configuring your key
Setup
management setup (described later). If you set the Key Management field
to IKE, this will take you to Menu 27.1.1.1 – IKE Setup. If you set the Key
Management field to Manual, this will take you to Menu 27.1.1.2 –
Manual Setup.
When you have completed this menu, press [ENTER] at the prompt "Press ENTER to Confirm..." to save
your configuration, or press [ESC] at any time to cancel.
25.5 IKE Setup
To edit this menu, the Key Management field Menu 27.1.1 – IPSec Setup must be set to IKE. Move the
cursor to the Edit Key Management Setup field in Menu 27.1.1 – IPSec Setup; press [SPACE BAR] to
select Yes and then press [ENTER] to display Menu 27.1.1.1 – IKE Setup.
25.5.1 IKE Phases
There are two phases to every IKE (Internet Key Exchange) negotiation – phase 1 (Authentication) and phase
2 (Key Exchange). A phase 1 exchange establishes an IKE SA and the second one uses that SA to negotiate
SAs for IPSec.
25-12
Table 25-4 Menu 27.1.1 — IPSec Setup
DESCRIPTION
EXAMPLE
No
IKE
No
VPN/IPSec Setup
Advertisement
Table of Contents
Troubleshooting
