Motorola Netopia 2200 Series User Manual page 101

Links Bar
Table 3: IPSec Tunnel Details page parameters
PAT Address
If NAT is enabled, this field appears. You can specify a Port Address Trans-
lation (PAT) address or leave the default all-zeroes (if Xauth is enabled). If
you leave the default. the address will be requested from the remote router
and dynamically applied to the Gateway.
Negotiation
This parameter refers to the method used during the Phase I key
Method
exchange, or IKE process. SafeHarbour supports Main or Aggressive
Mode. Main mode requires 3 two-way message exchanges while Aggres-
sive mode only requires 3 total message exchanges.
Local ID type If Aggressive mode is selected as the Negotiation Method, this option
appears. Selection options are: IP Address, Subnet, Hostname, ASCII
Local ID Address/ If Aggressive mode is selected as the Negotiation Method, this field
Value appears. This is the local (Gateway-side) IP address (or Name Value, if Sub-
net or Hostname are selected as the Local ID Type).
Local ID Mask
If Aggressive mode is selected as the Negotiation Method, and Subnet as
the Local ID Type, this field appears. This is the local (Gateway-side) sub-
net mask.
Remote ID Type
If Aggressive mode is selected as the Negotiation Method, this option
appears. Selection options are: IP Address, Subnet, Hostname, ASCII.
Remote ID If Aggressive mode is selected as the Negotiation Method, this field
Address/Value appears. This is the remote (central-office-side) IP address (or Name Value,
if Subnet or Hostname are selected as the Local ID Type).
Remote ID Mask
If Aggressive mode is selected as the Negotiation Method, and Subnet as
the Remote ID Type, this field appears. This is the remote (central-office-
side) subnet mask.
Pre-Shared Key
The Pre-Shared Key Type classifies the Pre-Shared Key. SafeHarbour sup-
Type
ports ASCII or HEX types
Pre-Shared Key
The Pre-Shared Key is a parameter used for authenticating each side. The
value can be ASCII or Hex and a maximum of 64 characters. ASCII is case-
sensitive.
DH Group Diffie-Hellman is a public key algorithm used between two systems to
determine and deliver secret keys used for encryption. Groups 1, 2 and 5
are supported.
PFS Enable
Perfect Forward Secrecy (PFS) is used during SA renegotiation. When PFS
is selected, a Diffie-Hellman key exchange is required. If enabled, the PFS
DH group follows the IKE phase 1 DH group.
SA Encrypt Type
SA Encryption Type refers to the symmetric encryption type. This encryp-
tion algorithm will be used to encrypt each data packet. SA Encryption
Type values supported include DES and 3DES.
101