1. Manuals
  2. Brands
  3. Cradlepoint Manuals
  4. Wireless Router
  5. MBR1400 Series
  6. User manual

Cradlepoint MBR1400 User Manual page 40

Arc series router
Hide thumbs Also See for MBR1400:
Table of Contents

Advertisement

User Manual
/
MBR1400
the form of "host.domain.com" (DNS names are case-
insensitive, so only lower case letters are allowed).
It is recommended that you use a dynamic DNS
hostname instead of the static IP address – by using
the dynamic DNS hostname, updates of the remote
WAN IP are compensated for while connecting to a
VPN tunnel.
Add/Edit Tunnel – Remote Networks
The Network Address and the Netmask define the
remote network address range that local devices will
have access to via the VPN tunnel.
NOTE: the remote network IP address MUST be
different from the local network IP address.
Optionally: A Port can be defined that will limit the
traffic going through the VPN tunnel to only that port. If the field is left blank, any port will be accepted by the
tunnel.
Add/Edit Tunnel – IKE Phase 1
IKE security has two phases, phase 1 and phase 2. You have the ability to distinctly configure each phase, but
the default settings will be sufficient for most users.
To set up a tunnel with a remote site, you need to
match your tunnel's IKE negotiation parameters with
the remote site. By selecting several encryption,
hash, and DH group options, you improve your
chances for a successful tunnel negotiation. For
greatest compatibility, select all options; for greatest
security, select only the most secure options that
your devices support.
Exchange Mode: The IKE protocol has two modes
of negotiating phase 1 – Main (also called Identity
Protection) and Aggressive.
In Main mode, IKE separates the key information
from the identities, allowing for the identities of
peers to be secure at the expense of extra packet exchanges.
In Aggressive mode, IKE tries to combine as much information into fewer packets while maintaining
security. Aggressive mode is slightly faster but less secure.
Because it has better security, Main mode is recommended for most users.
Key Lifetime: The lifetime of the generated keys of phase 1 of the IPsec negotiation from IKE. After the time
has expired, IKE will renegotiate a new set of phase 1 keys.
Encryption, Hash, and DH Groups
Each IKE exchange uses one encryption algorithm, one hash function, and one DH group to make a secure
exchange.
Encryption: Used to encrypt messages sent and received by IPsec.
AES 128
©2015 Cradlepoint. All Rights Reserved.
|
+1.855.813.3385
|
cradlepoint.com
40
Show Quick Links

Hide quick links:

Advertisement

Table of Contents
loading

Related Manuals for Cradlepoint MBR1400

Related Products for Cradlepoint MBR1400

Table of Contents