Setting Pptp Parameters - Enterasys ANG-1000 Installation & Service Manual

Configuring the Remote ANG-3000/7000 with APM

Setting PPTP Parameters

To set the PPTP parameters of the ANG, perform the following steps:
3 Choose the type of Secondary Encryption to employ on the ANG.
Secondary encryption is available for clients who do not accept
primary encryption, mainly legacy Aurorean Virtual Network 1.x
Export clients who have not been updated. Since most clients now
can accept the primary encryption choices, we recommend you do
not change the default None option.
Secondary encryption choices are similar to those for Primary
Encryption with the option of disabling secondary encryption
altogether.
4 Choose the Data Integrity algorithm to apply to ANG traffic.
Your selection of an IPsec Signature algorithm determines how IPsec
packets exchanged between the ANG and Aurorean Virtual Network
users are signed and verified. Your choices are, in descending order
of protection:
– HMAC-SHA: Enables hashing message authentication codes
(HMAC) that are generated using the SHA cryptographic
hashing function. HMAC-SHA is generally regarded as stronger,
more secure cryptographic function than HMAC-MD5.
– HMAC-MD5: Enables hashing message authentication codes
(HMAC) that are generated using the Rivest MD5 message digest
algorithm hashing function. While not as strong
cryptographically as HMAC-SHA, HMAC-MD5 provides better
performance.
None: Disables the Signature algorithm. Individual packets are no
–
longer signed and verified during transmission.
5 Choose to enable or disable Compression.
The ANG employs Microsoft Point-to-Point Compression (MPPC).
6 Click Apply Changes.
1 Click on the Protocols option.
The IPsec Configuration window appears as shown in Figure 68.
Installing Software & Setting Networking Configurables
Aurorean Installation & Service Guide
Chapter 3