Table of Contents
Advertisement
IPSec (Phase 2) Proposal
Protocol
Select ESP (Encapsulating Security Payload) or AH (Authentication Header) for
traffic through the VPN.
• AH (Authentication Header) to provide connectionless integrity and data
origin authentication for IP datagrams and to provide protection against replay
attacks.
• ESP (Encapsulating Security Payload) to provide confidentiality, data origin
authentication, connectionless integrity, an anti-replay service (a form of partial
sequence integrity), and limited traffic flow confidentiality.
Encryption
The WLR-5001 supports DES, 3DES, AES128, AES192, AES256 encryption
methods for traffic through the VPN.
Authentication
The WLR-5001 supports SHA1, MD5 methods for authentication.
Perfect Forward Secrecy
Select Enable or Disable to enable or disable PFS (Perfect Forward Secrecy). PFS
is an additional security protocol.
DH Group
Select a PFS DH Group from the drop-down menu (Group 1, Group2, Group5,
Group14). As the DH Group number increases, the higher the level of encryption
implemented for PFS.
Life Time
Enter the number of seconds for the IPSec Lifetime. The period of time to pass
before establishing a new IPSec security association (SA) with the remote
endpoint. The default value is 28800.
Network
This page allows you to configure the VPN server and
local/remote subnet.
Security Gateway Type
Security Gateway
Local Network
Remote Network
Security Gateway Type supports IP Address and
Domain Name. Select one of them.
The IP address or domain name of the VPN server.
Enter the local (LAN) subnet and mask.
(ex. 192.168.0.0/255.255.255.0)
Enter the remote subnet and mask.
(ex. 192.168.9.0/255.255.255.0)
Advertisement
Table of Contents
Need help?
Do you have a question about the N600 X5 and is the answer not in the manual?