User's Manual

WiFiBroadbandBG
BDE761AM-001 User Manual 79
subnet domain for the devices connected via the VPN tunnel.
4. Phase 1 Key Life Time: The lifetime of the key that is dedicated to Phase 1
between the two end gateways.
5. Phase 2 Key Life Time: The lifetime of the key that is dedicated to Phase 2
between the two end gateways.
6. Encapsulation Protocol: Three protocols can be selected: ESP, AH,
or ESP+AH.
7. PFS Group: Configures Perfect Forward Secrecy for connections created with
this IPSec transport profile by assigning a Diffie-Hellman prime modulus group.
Three groups can be selected: Group 1, Group 2, Group 5.
Disable: No PFS group
Group 1: 768-bit Diffie-Hellman prime modulus group
Group 2: 1024-bit Diffie-Hellman prime modulus group
Group 5: 1536-bit Diffie-Hellman prime modulus group
8. Preshare key: The initial key that the IKE mechanism of both the VPN gateway
and the VPN client host uses to negotiate further security keys. The pre-shared
key must be the same on both VPN gateways and clients.
9. Remote ID: The Type and the Value of the Remote ID on the local VPN gateway
must be the same as those of the Local ID on the remote VPN gateway.
10. Local ID: The Type and the Value of the Local ID on the local VPN gateway
must be the same as those of the Remote ID on the remote VPN gateway.
11. Dead Peer Detection: This feature detects whether the remote VPN gateway is
still present. Specify the interval between detections and the timeout value.
12. XAUTH: With the extended authentication function (XAUTH), the VPN client (or
initiator) needs to provide additional user information to the remote VPN server
(or VPN gateway). The VPN server rejects a connection request from a VPN client
whose user information is invalid, even if the pre-shared key is correct. This
function is suitable for remote mobile VPN clients. You can not only configure a
VPN rule with a pre-shared key for all remote users, but you can also designate
an account / password for specific users that are permitted to establish a
VPN connection with the VPN server.
XAUTH - None: Without Extended Authentication (XAUTH).
XAUTH - Server: Select this checkbox if the device acts as a VPN server and
validates the user information of VPN clients. Click the "XAUTH Account" button
on the IPSec Setting main page to edit the permitted user accounts / passwords.
13. Set IKE Proposal: Check this checkbox to enable IKE proposals.
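
The matching rules in items 8 to 10 and the choices in items 6, 7 and 12 can be checked for both gateways before a tunnel is brought up. The following Python script is an added example, not part of this manual or the device firmware; the field names, the "FQDN" ID type label and the sample values are constructed, and the warning on 768-bit and 1024-bit groups reflects general cryptographic guidance rather than anything the manual states.

```python
# Added example: field names and sample values are constructed, not from the manual.
DH_BITS = {"Disable": 0, "Group 1": 768, "Group 2": 1024, "Group 5": 1536}  # PFS Group list


def audit_tunnel(local, remote):
    """Return a list of (severity, message) findings for one pair of gateways."""
    findings = []
    # Item 8: the pre-shared key must be the same on both ends.
    if local["preshare_key"] != remote["preshare_key"]:
        findings.append(("error", "pre-shared keys differ"))
    # Items 9 and 10: each side's Remote ID (type, value) must equal the peer's Local ID.
    if local["local_id"] != remote["remote_id"]:
        findings.append(("error", "local Local ID != peer Remote ID"))
    if local["remote_id"] != remote["local_id"]:
        findings.append(("error", "local Remote ID != peer Local ID"))
    for name, gw in (("local", local), ("remote", remote)):
        bits = DH_BITS[gw["pfs_group"]]
        if bits == 0:
            findings.append(("warn", f"{name}: PFS disabled"))
        elif bits < 1536:
            # Assumption (general guidance, not the manual): these groups are weak.
            findings.append(("warn", f"{name}: {bits}-bit PFS group, Group 5 is the largest offered"))
        if gw["encapsulation"] == "AH":
            # AH authenticates packets but does not encrypt them.
            findings.append(("warn", f"{name}: AH only, traffic is not encrypted"))
        if gw["xauth"] == "None" and gw.get("serves_mobile_clients"):
            findings.append(("info", f"{name}: mobile clients rely on the shared key alone"))
    return findings


# Constructed sample configuration for two gateways.
SITE_A = {"preshare_key": "constructed-sample-key", "local_id": ("FQDN", "a.example"),
          "remote_id": ("FQDN", "b.example"), "pfs_group": "Group 2",
          "encapsulation": "ESP", "xauth": "None", "serves_mobile_clients": True}
SITE_B = {"preshare_key": "constructed-sample-key", "local_id": ("FQDN", "b.example"),
          "remote_id": ("FQDN", "a-typo.example"), "pfs_group": "Group 5",
          "encapsulation": "AH", "xauth": "Server"}

if __name__ == "__main__":
    for severity, message in audit_tunnel(SITE_A, SITE_B):
        print(f"[{severity}] {message}")
```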