Table of Contents
Advertisement
Virtual Private Network – IPSec
Encryption Algorithm
Phase2
Encryption Algorithm
Step 5 ¡ Ð
Remind to add a Firewall rule
After finishing IPSec rule settings, we need to add
a firewall rule. Here system shows a window
message to remind you of adding a firewall rule.
Step 6 ¡ Ð
Add a Firewall rule
Beforehand, please make sure that the Firewall is
enabled. Select WAN1-to-LAN1 to display the rules
of this direction. The default action of this
direction is Block with Logs. We have to allow
the VPN traffic from the WAN1 side to enter our
LAN1 side. So we click the Insert button to add
a Firewall rule before the default rule.
Choose an encryption and authentication algorithm.
Set the IKE SA lifetime. A value of 0 means IKE SA
SA Life Time
negotiation never times out. See Chapter 8 for details.
Choose a Diffie-Hellman public-key cryptography key
Key Group
group
View only, it is set previously and can not be edited
Encapsulation
again.
View only, it is set previously and can not be edited
Active Protocol
again.
Choose an encryption and authentication algorithm.
Set the IPSec SA lifetime. A value of 0 means IKE SA
SA Life Time
negotiation never times out. See Chapter 8 for details.
Perfect Forward
Enabling PFS means that the key is transient. This extra
Secrecy(PFS)
setting will cause more security.
Table 9-3 Setup Advanced feature in the IPSec IKE rule
ADVANCED SETTINGS > VPN Settings > IPSec > IKE > Add
ADVANCED SETTINGS > Firewall > Edit Rules
53
DFL-900 User Manual
Encrypt and
Authenticate
(DES¡ B MD5)
28800 sec
DH1
Tunnel
ESP
Encrypt and
Authenticate
(DES¡ B MD5)
28800 sec
DH1
Advertisement
Table of Contents
