Table of Contents
Advertisement
supported for Vigor3300V routers. IPSec is the security architecture for IP networks. IPSec
provides security services at the IP layer by enabling a system to select required security
protocols. It determines the algorithms to use for the services, and puts in place any
cryptographic keys required to provide the requested services. IPSec can be used to protect
one or more "paths" between a pair of hosts, between a pair of security gateways, or between
a security gateway and a host.
The Vigor3300 Series supports ESP Tunnel mode with IKE for key management. Internet
Key Exchange (IKE) Protocol, a key protocol in the IPSec architecture, is a hybrid protocol
using part of Oakley and part of SKEME in conjunction with ISAKMP to obtain
authenticated keying material for use with ISAKMP, and for other security associations such
as AH and ESP for the IPsec DOI.
4.6.1 IPSec
The IPSec services can provide access control, connectionless integrity, data origin
authentication, rejection of replayed packets that is a form of partial sequence integrity, and
confidentiality by encryption. These objectives are met through the use of two traffic
security protocols, the Authentication Header (AH) and the Encapsulating Security Payload
(ESP), and through the use of cryptographic key management procedures and protocols.
G
e
n
e
r
a
l
S
e
G
e
n
e
r
a
l
S
e
General Setup allows you to set MTU value for VPN. The default number is 1400.
MTU
Auto-connect
t
u
p
t
u
p
The default value is 1400.
If you click Enable for Auto-connect, once the packets match
the source/destination subnet settings of some VPN rule, that
rule will perform auto-connection and make the packets
passing through. However, if you click Disable, you have to
make the VPN connection manually. If the VPN connection is
failed, the packets will not be transmitted, either.
160
Vigor3300V+ Series User's Guide
Advertisement
Table of Contents
