Planet Networking & Communication MH-5001 User Manual page 114

MH-5001 User Manual
Outgoing
Interface
Peer's IP Address
Outgoing SPI
Incoming SPI
Encapsulation
Mode
Action
ESP –
Encryption /
Authentication
AH -
Authentication
Step 4. Detail settings of IPSec Manual
Key
For the detailed setting in the Manual Key. We
can press the Advanced button in the previous
page. Then set the parameter separately.
FIELD
Transport Layer
Condition
Protocol
The WAN interface you are going to build IPSec
tunnel with.
The IP address of remote site device, like
MH-5001 Multi-Homing Security Gateway.
The Outgoing SPI (Security Parameter Index)
value.
The Incoming SPI (Security Parameter Index)
value.
Choose Tunnel or Transport mode, see Chapter
12 for details.
Select the Encryption (DES, 3DES, AES or Null)
and Authentication (MD5, SHA1 or NULL)
Algorithm combination. And enter the key either
hex or string form separately.
Notice: You can not select both Encryption and
Authentication "NULL" type.
Use the Authentication method only. And enter
the key either hex or string form.
Table 13-6 Add a IPSec Manual Key rule
ADVANCED SETTINGS > VPN Settings > IPSec > Manual Key > Add
> Advanced
DESCRIPTION
Utilize this field to select some packets which are
specified protocol (ANY, TCP, UDP). If the
packets are not the specified protocol will not be
allowed to pass through IPSec tunnels.
WAN interfaces
IPv4 format
hex (600 ~ 600000) /
dec(1500 ~ 6300000)
hex(600 ~ 600000) /
dec(1500 ~ 6300000)
Transport / Tunnel
Encryption:
DES(64bits) /
3DES(192bits) /
AES(128, 192, 256bits) /
NULL
Authentication:
MD5(128bits) /
SHA1(160bits) /
NULL
Input format:
hex{0-9,a-f,A-F}/
str{text string}
MD5(128bits) /
SHA1(160bits)
Input format:
hex{0-9,a-f,A-F}/
str{text string}
ANY / TCP / UDP
111
Virtual Private Network – IPSec
Encryption
Authentication
Range / Format EXAMPLE
Chapter 13
WAN1
210.2.1.1
hex: 2222
hex: 1111
Tunnel
ESP –
(DES) /
(MD5)
Disabled
ANY