LevelOne FBR-4000 User Manual page 61

Multi-wan vpn router
Security Level
Encryption Method – Specifies the encryption mechanism to use. Data encryption makes the data unreadable if intercepted. There are three encryption methods available: DES, 3DES and AES. The default setting is null.
Authentication Method – Specifies the packet authentication mechanism to use. Packet authentication confirms whether the data's source is correct. There are three authentication methods available: MD5, SHA1 and SHA2.
ESP Mode – Only Tunnel Mode is available. It offers the most protection against an intruder trying to intercept VPN packets.
Key Management
Key Type – Two key types are available for key exchange management: Manual Key and Auto Key.
Manual Key – If Manual Key is selected, no key negotiation is needed. The following fields must be set:
1. Encryption Key – This field specifies the key used to encrypt and decrypt IP traffic.
2. Authentication Key – This field specifies the key used to authenticate IP traffic.
3. Inbound/Outbound SPI (Security Parameter Index) – This information is carried in the ESP header. Each tunnel must have a unique inbound and outbound SPI, and no two tunnels may share the same SPI. Note that the inbound SPI must match the other router's outbound SPI.
AutoKey (IKE) – Two operation modes can be used in Phase 1 negotiation:
1. Main Mode – Accomplishes a Phase 1 IKE exchange by establishing a secure channel.
2. Aggressive Mode – This is another way of accomplishing a Phase 1 exchange. It is faster and simpler than Main Mode but does not provide identity protection for the negotiating nodes.
Perfect Forward Secrecy (PFS) – If PFS is enabled, Phase 2 IKE negotiation generates new key data for IP traffic encryption and authentication. When set to Enable, an attacker who uses brute force to break one encryption key is not able to obtain other or future IPSec keys.
Preshared Key – This field is used to authenticate the remote IKE peer. It is a "pass code" or "password" that must be the same at both the local site and the remote site. Otherwise the VPN tunnel will not be established.
Key Lifetime – This specifies the lifetime of the IKE-generated key. If the time expires or the amount of data passed exceeds the allowed volume, a new key is negotiated. The default is 0, which means No Limit.
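The rules on this page (unique SPIs, inbound SPI matching the peer's outbound SPI, matching preshared keys) and its weaker options can be checked before a tunnel is deployed. The following Python is an added example, not code from the manual or from LevelOne; the dictionary field names and the sample tunnels are constructed assumptions.

```python
# Added example: field names and sample values are constructed, not the router's own format.
WEAK = {"null": "no confidentiality", "DES": "56-bit key, obsolete",
        "MD5": "obsolete hash, prefer SHA2"}

def audit_router(tunnels):
    """Check every tunnel defined on one router; return a list of findings."""
    findings, spi_owner = [], {}
    for t in tunnels:
        name = t["name"]
        for field in ("encryption", "authentication"):
            if t[field] in WEAK:
                findings.append(f"{name}: {field} {t[field]} ({WEAK[t[field]]})")
        if t["key_type"] == "manual":
            # No two tunnels on the same router may share an SPI.
            for spi in sorted({t["inbound_spi"], t["outbound_spi"]}):
                if spi in spi_owner:
                    findings.append(f"{name}: SPI {spi:#x} already used by {spi_owner[spi]}")
                spi_owner.setdefault(spi, name)
        else:  # AutoKey (IKE)
            if t["ike_mode"] == "aggressive":
                findings.append(f"{name}: Aggressive Mode gives no identity protection")
            if not t["pfs"]:
                findings.append(f"{name}: PFS disabled, Phase 2 reuses key data")
            if t["key_lifetime"] == 0:
                findings.append(f"{name}: key lifetime 0 (No Limit), no rekey by time or volume")
    return findings

def audit_pair(local, remote):
    """Check that the two ends of one tunnel agree with each other."""
    if local["key_type"] == "manual":
        mine = (local["inbound_spi"], local["outbound_spi"])
        if mine != (remote["outbound_spi"], remote["inbound_spi"]):
            return ["inbound SPI must equal the peer's outbound SPI"]
    elif local["preshared_key"] != remote["preshared_key"]:
        return ["preshared keys differ, the tunnel will not be established"]
    return []

# Constructed sample: three tunnels on site A, and site B's end of the first one.
SITE_A = [
    {"name": "hq-branch", "encryption": "DES", "authentication": "MD5",
     "key_type": "manual", "inbound_spi": 0x100, "outbound_spi": 0x200},
    {"name": "hq-lab", "encryption": "AES", "authentication": "SHA2",
     "key_type": "manual", "inbound_spi": 0x200, "outbound_spi": 0x300},
    {"name": "hq-remote", "encryption": "null", "authentication": "SHA1",
     "key_type": "auto", "ike_mode": "aggressive", "pfs": False, "key_lifetime": 0},
]
SITE_B = {"key_type": "manual", "inbound_spi": 0x200, "outbound_spi": 0x101}

print("\n".join(audit_router(SITE_A) + audit_pair(SITE_A[0], SITE_B)))
```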