Remote Address: IP address of peer side.
Transport Mode:
Transport: usually used in the connection between router and server.
Tunnel: usually used in the connection between two routers.
Passthrough: it allows IPSec protocol to pass through.
Local Endpoint Type:
Network to Network: used in the communication between devices connected to
router and server.
Road Warrior: connect to server as a mobile client.
Subnet: If the "Local Endpoint Type" is "Network to Network", it's the subnet of two
sides.
Next Hop IP: If the device is in LAN, this parameter means gateway's IP.
IPSec Port: If L2TP is opened too, it means the port listened by L2TP. L2TP's default
port is 1701.
IPSec Identify:
For server, please set this parameter to "@server".
For client, please set this parameter to "@client".
Phase 1:
Work Mode:
Main
Aggressive
Perfect Forward Secrecy(PFS): Accurate forwarding and encrypt. Prevent single key
leakage which affects whole communication system.
Debug: Turn on debugging information.
Enable NAT Traversal: If this router is not connecting Internet directly but another
router, please check it.
Authentication:
Pre-shared Key
Certificates
Cipher: DES, 3DES, AES, AES128.
Hash: SHA1, MD5.
DH Group: Group1, Group2, Group5, Group14, Group15, Group16, Group17 and
Group18.
SA Lifetime: Phase negotiation time.
Key: When "Authentication" is "Pre-shared Key", it's the shared key.
Password: When "Authentication" is "Certificates", it's the password of certificate.
Phase 2: Phase 2 is protected by phase 1 SA, any message that is not protected by
phase 1 will be rejected.
DH Group: Group1, Group2, Group5, Group14, Group15, Group16, Group17 and
Group18.
Cipher: DES, 3DES, AES, AES128.
Hash: SHA1, MD5.
厦 门 才 茂 通 信 科 技 有 限 公 司
Xiamen Caimore Communication Technology Co.,Ltd
26