Table of Contents
Advertisement
VPN menu features
IPSec Advanced Setup wizard
Fill in the fields.
Indicate the Local Network that will have access to the remote network. You can select from a list of
a
predefined values based on the current network configuration and existing Definitions, or you can
define custom networks. Custom networks can be specified in the following formats:
• Can be left blank
• Can be an IP address of the form a.b.c.d
• An IP address and a valid netmask specified in either the /24 or 255.255.255.0 format
Indicate the Remote Network that the specified local network should have access to. You can select
b
from a list of predefined values based on the current network configuration and existing Definitions, or
you can define custom networks. Custom networks can be specified in the following formats:
• Can be an IP address of the form a.b.c.d
• An IP address and a valid netmask specified in either the /24 or 255.255.255.0 format
Click Add. The pair appears in the Local and Remote Network list
c
delete icon to delete the pair and define a different pair.
Note:
You can add as many network pairs as required for your environment. The network pairs defined in
this page define the traffic that IPSec passes over the tunnel. If the traffic does not match the network pairs
defined in the Phase 2 Settings page, IPSec drops the packets.
Figure 273 Local Endpoint Settings
[Optional] In the Key lifetime field, adjust the number of seconds between when the phase 2 keys
d
should be renegotiated. Default: 3600.
Leave the Phase 2 Proposal at the default. The default setting is nearly always correct, particularly
e
if you are communicating with another UTM Firewall appliance.
[Optional] Perfect Forward Secrecy is enabled by default. To disable this option, de-select the Perfect
f
Forward Secrecy checkbox.
[Optional] If Perfect Forward Secrecy is enabled, you can select the Diffie-Hellman group to use. The
g
default is Diffie-Hellman group 2 (1024 bit). Option are:
• Diffie-Hellman Group 1 (768 bit)
• Diffie-Hellman Group 2 (1024 bit)
• Diffie-Hellman Group 5 (1536 bit)
• Diffie-Hellman Group 14 (2048 bit)
272
McAfee UTM Firewall 4.0.4 Administration Guide
(Figure
273). You can click the
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
Related Manuals for McAfee SG310
Related Products for McAfee SG310
- McAfee SG720
- McAfee SAV85E - Active VirusScan - PC
- MCAFEE AGENT 4.0 PATCH 2 - FOR WINDOWS S 10-03-2009
- MCAFEE EPOLICY ORCHESTRATOR 4.0 PATCH 5 - S 12-05-2009
- MCAFEE VIRUSSCAN ENTERPRISE 8.7I PATCH 1 - S 24-04-2009
- MCAFEE VIRUSSCAN ENTERPRISE 8.7I PATCH 2 - S 31-08-2009
- MCAFEE VIRUSSCAN ENTERPRISE 8.7I PATCH 3 - S 09-02-2009
- McAfee SMEFCE-AI-DA - Email Security Service Inbound