Asus Internet Security Router User Manual - Configuring VPN


Internet Security Router User's Manual
10 Configuring VPN

This chapter contains instructions for configuring VPN connections using automatic keying and manual keys.

10.1 Default Parameters

The Internet Security Router is pre-configured with a default set of proposals/connections. They cover the most commonly used sets of parameters, required for typical deployment scenarios. It is recommended that you use these pre-configured proposals/connections to simplify VPN connection setup. The default parameters provided in the Internet Security Router are as follows:

Default Connections

Each connection represents a rule that can be applied on traffic originating from / terminating at the security gateway. It contains the parameters: local/remote IP-Addresses and ports.

Table 10.1 lists the default connections that are provisioned on the gateway:

Table 10.1. Default Connections in the Internet Security Router

| Name | Type | Port | Protocol | State | Purpose |
|---|---|---|---|---|---|
| allow-ike-io | passby | 500 | UDP | Enabled | To allow the IKE traffic to the Internet Security Router |
| allow-all | passby | | | Enabled | To allow the plain traffic |

WARNING: Do not delete or modify default VPN policies.

Proposals

Each proposal represents a set of authentication/encryption parameters. Once configured, a proposal can be tied to a connection. Upon session establishment, one of the proposals specified is selected and used for the tunnel.

Note that multiple proposals can be specified for a connection. If you do not specify the proposal to be used for a connection, all the pre-configured proposals will be included for that connection.

Pre-configured IKE proposals

IKE proposals decide the type of encryption, hash algorithms and authentication method that will be used for the establishment of the session keys between the endpoints of a tunnel. Table 10.2 lists the pre-configured IKE proposals.

Table 10.2. Pre-configured IKE proposals in the Internet Security Router

| Name | Encryption Algorithm | Authentication Algorithm | Diffie-Hellman Group | Key Management | Life time (secs) |
|---|---|---|---|---|---|
| ike-preshared-3des-sha1-dh2 | 3DES | SHA-1 | 2 | Pre-shared Keys | 3600 |
| ike-preshared-3des-md5-dh2 | 3DES | MD5 | 2 | Pre-shared Keys | 3600 |
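The proposal rules described under "Proposals", as an added example that is not taken from the manual or the router firmware: it shows which Table 10.2 proposal a connection can end up using when no proposal is specified, compared with a connection pinned to one proposal. The selection order, the peer-offer tuples and the MD5 ban used as a local policy are assumptions made for illustration.

```python
from typing import List, NamedTuple, Optional, Tuple

class IkeProposal(NamedTuple):
    name: str
    encryption: str
    auth_hash: str
    dh_group: int
    key_mgmt: str
    lifetime_secs: int

# The two rows of Table 10.2.
PRECONFIGURED = [
    IkeProposal("ike-preshared-3des-sha1-dh2", "3DES", "SHA-1", 2, "Pre-shared Keys", 3600),
    IkeProposal("ike-preshared-3des-md5-dh2", "3DES", "MD5", 2, "Pre-shared Keys", 3600),
]

def effective_proposals(configured: Optional[List[str]]) -> List[IkeProposal]:
    """No proposal specified means every pre-configured proposal is included."""
    if not configured:
        return list(PRECONFIGURED)
    by_name = {p.name: p for p in PRECONFIGURED}
    unknown = [n for n in configured if n not in by_name]
    if unknown:
        raise ValueError(f"unknown proposal(s): {unknown}")
    return [by_name[n] for n in configured]

def select(configured: Optional[List[str]],
           peer_offer: List[Tuple[str, str, int]]) -> Optional[IkeProposal]:
    """Pick the tunnel proposal. Assumption: the first local proposal
    (in local order) that the peer also offers is the one selected."""
    offered = {(e.upper(), h.upper(), g) for e, h, g in peer_offer}
    for p in effective_proposals(configured):
        if (p.encryption.upper(), p.auth_hash.upper(), p.dh_group) in offered:
            return p
    return None

def policy_violations(configured: Optional[List[str]],
                      banned_hashes=frozenset({"MD5"})) -> List[str]:
    """Acceptable proposals that break an assumed local policy (no MD5)."""
    return [p.name for p in effective_proposals(configured)
            if p.auth_hash in banned_hashes]

if __name__ == "__main__":
    md5_only_peer = [("3DES", "MD5", 2)]            # constructed peer offer
    pinned = ["ike-preshared-3des-sha1-dh2"]
    print("unspecified:", select(None, md5_only_peer))
    print("pinned     :", select(pinned, md5_only_peer))
    print("violations :", policy_violations(None), policy_violations(pinned))
```
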


This manual is also suitable for:

Sl1000Tv box
