Billion 800VGT User Manual page 81

Adsl voip router

Hide thumbs Also See for 800VGT:

Quick start manual (27 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

Table of Contents

IKE (Internet key Exchange) Mode: Select IKE mode to Main mode or Aggressive mode.

provides secured key generation and key management.

IKE Proposal:

Hash Function: This is a Message Digest algorithm which coverts any length of a message into a unique set

of bits. You can use either MD5 (Message Digest) or SHA-1 (Secure Hash Algorithm) algorithms.

SHA1 is more resistant to brute-force attacks than MD5, however it is slower.

MD5: A one-way hashing algorithm that produces a 128−bit hash.

SHA1: A one-way hashing algorithm that produces a 160−bit hash

Encryption: Select the encryption method from the pull-down menu. There are several options, DES,

3DES and AES (128, 192 and 256). 3DES and AES are more powerful but increase latency.

DES: Stands for Data Encryption Standard, it uses 56 bits as an encryption method.

3DES: Stands for Triple Data Encryption Standard, it uses 168 (56*3) bits as an encryption

method.

AES: Stands for Advanced Encryption Standards, you can use 128, 192 or 256 bits as

encryption method.

Diffie-Hellman Group: It is a public-key cryptography protocol that allows two parties to establish a

shared secret over an unsecured communication channel (i.e. over the Internet). There are three modes,

MODP 768-bit, MODP 1024-bit and MODP 1536-bit. MODP stands for Modular Exponentiation Groups.

Local ID:

Type: Specify local ID type.

Content: Input ID's information, like domain name www.ipsectest.com.

Remote ID:

Type: Specify Remote ID type.

Identifier: Input remote ID's information, like domain name www.ipsectest.com.

SA Lifetime: Specify the number of minutes that a Security Association (SA) will stay active before new

encryption and authentication key will be exchanged. There are two kinds of SAs, IKE and IPSec. IKE

negotiates and establishes SA on behalf of IPSec, an IKE SA is used by IKE.

Phase 1 (IKE): Used to issue an initial connection request for a new VPN tunnel. Any value

can be selected between 5 and 15,000 minutes. The default is 480 minutes.

Phase 2 (IPSec): Used to negotiate and establish secure authentication. Any value can be

selected between 5 and 15,000 minutes. The default is 60 minutes.

A short SA time increases security by forcing the two parties to update the keys. However, every

time the VPN tunnel re-negotiates, access through the tunnel will be temporarily disconnected.

Ping to Keep Alive:

PING to the IP: The router is able to IP Ping the remote PC with a specified IP address and alert the user

when the connection fails.

connection. The connection will need to be re-established. Default setting is 0.0.0.0 which disables this

function.

Interval: This sets the time interval between Pings to the IP function to monitor the connection status.

Default interval setting is 10 seconds. Time interval can be set to any value between 0 and 3600

seconds, 0 second disables this function.

Chapter 4: Configuration

Once the alert message is received, the router will drop this tunnel

Billion 800VGT Router

This IKE

Table of Contents

Billion 800VGT User Manual page 81

Related Manuals for Billion 800VGT

Related Products for Billion 800VGT

Table of Contents