Administration
This page can be used to enable/disable IPsec, you may also specify whether NAT-
Traversal should be used.
NAT-Traversal is mainly used for connections which traverse a path where a router
modifies the IP address/port of packets. It encapsulates packets in UDP and therefore
requires a slight overhead which has to be taken into account when running over small-
sized MTU interfaces.
Please note that running NAT-Traversal makes IKE using UDP port 4500 rather than
500 which has to be taken into account when setting up firewall rules.
General
For setting up the tunnel you will have to configure the following parameters first:
Remote peer: IP address or host name of the remote IPsec peer (aka responder or
server)
DPD Status: Specifies whether Dead Peer Detection (see RFC 3706) shall be used.
DPD will detect any broken IPSec connections, in particular the ISAKMP tun-
nel, and refresh the corresponding SAs (Security Associations) and SPIs (Security
Payload Identifier) for a faster re-establishment of the tunnel.
Detection cycle): The delay (in seconds) between DPD keepalives that are sent for this
NB2700 User Manual
Figure 5.27.: IPsec Administration
64
Need help?
Do you have a question about the NB2700 and is the answer not in the manual?