Multitech MultiModem rCell MTCBA-H3-EN3-P1 User Manual page 52

Chapter 3 – Using the Web Management Software
Authentication Key
Encryption Method
Encryption Key
SPI Base
Left Next Hop
Local WAN IP
Local LAN
Remote Gateway IP
FQDN
Remote LAN
Multi-Tech Systems, Inc. MultiModem rCell User Guide
The VPN firewall could use either MD5-96 or SHA1-96 for authentication. For example,
MD5-96 could have a key of abcdefgh12345678.
Authentication Protocol
SHA1-96
MD5-96
Select the encryption method. Options include: 3DES, AES-128, AES-192, AES-256, and
NULL (no encryption).
The router can use any one of the methods specified in its encryption algorithm. For
example 3DES uses 24 alphanumeric characters (192 bits) as its encryption key.
Example: 1234567890abcdefabcdabcd
Encryption Protocol
Null
3DES
AES-128
AES-192
AES-256
The Security Parameter Index identifies a manual connection. The SPI is a unique
identifier in the SA (Secure Association – a type of secure connection) that allows the
receiving computer to select the SA under which a packet processes. SPI Base is a
number needed by the manual keying code. Enter any 3-digit hexadecimal number,
which is unique for a security association. It should be in the form 0xhex (0x100 through
0xfff is recommended). If you have more than one manual connection, then the SPI
Base must be different for each one.
Next Hop is the address of the next device in a routing table's path that moves a packet
to its destination. Configure this setting or leave it as a static value: 0.0.0.0. When not
configured, the value is set to the Gateway of the Box/Gateway configured on the
Interface/Right IP. The selection is based on the Left and Right IP.
Select the Interface to initiate the IPSec tunnel (Left Security Gateway).
Select the internal subnet of the local security gateway for which the security services
are to be provided. If the router acts as a host, this should be configured as None. Other
options are: Any, LAN, LAN Interface, WAN 1, WAN 1 Interface.
Select the interface in which the IPSec tunnel ends. In the case of Road Warriors with a
Dynamic IP addresses, this should be configured as ANY. Other options include: LAN,
LAN Interface, WAN 1, WAN 1 Interface, and None.
FQDN is a Fully Qualified Domain Name that resolves to the Local Wan IP of the router
or in the case of GRE/IPSEC, it is used to identify the Wan IP of the remote location. This
is provided by your ISP or created by you if you are using a Dynamic DNS service. When
FQDN is selected, the Remote Gateway IP should be left blank.
This is the internal subnet of the remote security gateway for which the security
services are to be provided. If the remote end is a host, this should be configured as
None.
Key Length
Must be 20 characters
Must be 16 characters
Key Length
Must be 24 characters
Must be 24 characters
Must be 16 characters
Must be 24 characters
Must be 32 characters
Accepted Characters
Alphanumeric
Alphanumeric
Accepted Characters
Alphanumeric
Alphanumeric
Alphanumeric
Alphanumeric
Alphanumeric
52