1. Manuals
  2. Brands
  3. Cradlepoint Manuals
  4. Wireless Router
  5. COR IBR600
  6. User manual

Cradlepoint IBR600 User Manual page 40

Hide thumbs Also See for IBR600:
Table of Contents

Advertisement

User Manual
/
IBR600/IBR650
NOTE: the local network IP address MUST be different from the remote network IP address.
Optionally: A Port can be defined that will limit the traffic going through the VPN tunnel to only that port. If
the field is left blank, any port will be accepted by the tunnel.
Add/Edit Tunnel – Remote Gateway
Gateway: This value can be any of the following: an
IPv4 address, an IPv6 address, or a fully qualified
name in the form of "host.domain.com" (DNS names
are case-insensitive, so only lower case letters are
allowed). It is recommended that you use a dynamic
DNS hostname instead of the static IP address – by
using the dynamic DNS hostname, updates of the
remote WAN IP are compensated for while connecting
to a VPN tunnel.
Add/Edit Tunnel – Remote Networks
The Network Address and the Netmask define the
remote network address range that local devices will
have access to via the VPN tunnel.
NOTE: the remote network IP address MUST be
different from the local network IP address.
Optionally: A Port can be defined that will limit the traffic going through the VPN tunnel to only that port. If
the field is left blank, any port will be accepted by the tunnel.
Add/Edit Tunnel – IKE Phase 1
IKE security has two phases, phase 1 and phase 2.
You have the ability to distinctly configure each
phase, but the default settings will be sufficient for
most users.
To set up a tunnel with a remote site, you need to
match your tunnel's IKE negotiation parameters with
the remote site. By selecting several encryption,
hash, and DH group options, you improve your
chances for a successful tunnel negotiation. For
greatest compatibility, select all options; for greatest
security, select only the most secure options that
your devices support.
Exchange Mode: The IKE protocol has two modes
of negotiating phase 1 – Main (also called Identity
Protection) and Aggressive.
In Main mode, IKE separates the key information from the identities, allowing for the identities of peers to
be secure at the expense of extra packet exchanges.
In Aggressive mode, IKE tries to combine as much information into fewer packets while maintaining
security. Aggressive mode is slightly faster but less secure.
Because it has better security, Main mode is recommended for most users.
©2015 Cradlepoint. All Rights Reserved.
11/5/15
|
+1.855.813.3385
|
cradlepoint.com
40
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for Cradlepoint IBR600

Related Products for Cradlepoint IBR600

This manual is also suitable for:

Ibr650Cor ibr650

Table of Contents