Table of Contents
Advertisement
10. Configuring VPN
The chapter contains instructions for configuring VPN connections using
automatic keying and manual keys.
10.1 Default Parameters
The SL6000/SL6300 is pre-configured with a default set of proposals/
connections. They cover the most commonly used sets of parameters, required
for typical deployment scenarios. It is recommended that you use these pre-
configured proposals/connections to simplify VPN connection setup. The default
parameters provided in the SL6000/SL6300 are as follows:
Default Connections
Each connection represents a rule that will be applied on traffic originating
from/terminating at the security gateway. It contains the parameters: local/remote
IP-Addresses and ports. Table 10.1 lists the default connections that are
provisioned on the gateway:
Table 10.1 Default connections in SL6000/SL6300
Name
Type
allow-ike-io passby
allow-all
passby
Proposals
Each proposal represents a set of authentication/encryption parameters.
Once configured, a proposal can be tied to a connection. Upon session
establishment, one of the proposals specified is selected and used for the
tunnel.
Note that multiple proposals can be specified for a connection. If you do not
specify the proposal to be used for a connection, all the pre-configured
proposals will be included for that connection.
Pre-configured IKE proposals
IKE proposals decide the type of encryption, hash algorithms and
authentication method that will be used for the establishment of the session
keys between the endpoints of a tunnel.
Port
Protocol
State
500
UDP
Enabled To allow IKE traffic
---
---
Enabled To allow plain traffic
ASUS VPN ADSL Router
Chapter 10
Purpose
89
Advertisement
Table of Contents
