Ipsec Advanced Settings - D-Link DFL-1660 User Manual

9.4.6. IPsec Advanced Settings

Packet length
# payloads
Payloads:
HASH (Hash)
Payload data length : 16 bytes
SA (Security Association)
Payload data length : 56 bytes
DOI : 1 (IPsec DOI)
Proposal 1/1
Protocol 1/1
NONCE (Nonce)
Payload data length : 16 bytes
ID (Identification)
Payload data length : 8 bytes
ID : ipv4(any:0,[0..3]=10.4.2.6)
ID (Identification)
Payload data length : 12 bytes
ID : ipv4_subnet(any:0,[0..7]=10.4.0.0/16)
Step 9. Client Confirms Tunnel Setup
This last message is a message from the client saying that the tunnel is up and running. All
client/server exchanges have been successful.
IkeSnoop: Received IKE packet from 192.168.0.10:500 Exchange type :
Quick mode ISAKMP Version : 1.0
Flags
Cookies
Message ID
Packet length
# payloads
Payloads:
HASH (Hash)
Payload data length : 16 bytes
9.4.6. IPsec Advanced Settings
The following NetDefendOS advanced settings are available for configuring IPsec tunnels.
IPsec Max Rules
This specifies the total number of IP rules that can be connected to IPsec tunnels. By default this is
initially approximately 4 times the licensed IPsecMaxTunnels and system memory for this is
allocated at startup. By reducing the number of rules, memory requirements can be reduced but
making this change is not recommended.
IPsec Max Rules will always be reset automatically to be approximately 4 times IPsec Max
: 156 bytes
: 5
Protocol ID
SPI Size
SPI Value
Transform 1/1
Transform ID
Key length
Authentication algorithm : HMAC-MD5
SA life type
SA life duration
SA life type
SA life duration
Encapsulation mode
: E (encryption)
: 0x6098238b67d97ea6 -> 0x5e347cb76e95a
: 0xaa71428f
: 48 bytes
: 1
: ESP
: 4
: 0xafba2d15
: Rijndael (aes)
: 128
: Seconds
: 21600
: Kilobytes
: 50000
: Tunnel
371
Chapter 9. VPN