Table of Contents
Advertisement
29
Phase 1:
Work Mode:
Main
Aggressive
Perfect Forward Secrecy(PFS): Accurate forwarding and encrypt. Prevent single key
leakage which affects whole communication system.
Debug: Turn on debugging information.
Enable NAT Traversal: If this router is not connecting Internet directly but another
router, please check it.
Authentication:
Pre-shared Key
Certificates
Cipher: DES, 3DES, AES, AES128.
Hash: SHA1, MD5.
DH Group: Group1, Group2, Group5, Group14, Group15, Group16, Group17 and
Group18.
SA Lifetime: Phase negotiation time.
Key: When "Authentication" is "Pre-shared Key", it's the shared key.
Password: When "Authentication" is "Certificates", it's the password of certificate.
Phase 2: Phase 2 is protected by phase 1 SA, any message that is not protected by phase
1 will be rejected.
DH Group: Group1, Group2, Group5, Group14, Group15, Group16, Group17 and
Group18.
Cipher: DES, 3DES, AES, AES128.
Hash: SHA1, MD5.
SA Lifetime: Phase negotiation time.
Other Parameters:
DPD Delay / DPD timeout: After tunnel is built, in order to check tunnel state, router
will send LCP packet in every tunnel check interval. When the number of
tunnel-checking failures over the value of "DPD timeout", router will initiate to terminate
the connection and send a request to rebuild the tunnel.
IPcomp: IP payload compression.
4.3.2.2 L2TP
L2TP (Layer 2 Tunneling Protocol) is a kind of VPDN technology, it's specifically used
in transferring data in layer 2 tunnel. Also means it'll encapsulate data units of layer 2(such as
PPP data) within an IP or UDP payload.
Add: 3F, 1st Building, 23# Wanghai Road, Xiamen
Web:http://en.caimore.com
厦 门 才 茂 通 信 科 技 有 限 公 司
Xiamen
Caimore
Communication Technology Co.,Ltd
Tel: +86-592-5902655
Fax:+86-592-5975885
Advertisement
Table of Contents
