Specifications
OmniAccess Reference: AOS-W System Reference
514 Part 031652-00 May 2005
Configuring VPN Server Emulation Using Web UI
It is sometimes common for users in multi-campus environments to move
between campuses with their laptops. When this occurs there may be a loss of
optimization of the user’s connection because the dialer is configured with the
IP address of the home switch.
The VPN Server Emulation feature negates this loss of optimization by
intercepting the sessions destined for the home switch and provides them
with a local termination.
The number of IP addresses which may be added to the list of server
addresses is limited to approximately 650. The exact number of IP addresses
may be calculated by the following:
z IKE Hash Algorithm Specifies which hash algorithm will be
used by IKE. The choice in the dialer must
match the algorithm specified in the IPSec
IKE policy on the switch. The default is
SHA.
z IKE Authentication Specifies wither RSA signatures or a
Pre-shared key for IKE authentication and
must match that specified in the IPSec IKE
policy on the switch.
The shared secret must match that
specified in the IKE share secret policy on
the switch.
z IPSec Lifetime (sec-
onds)
The value entered specifies the length of
the IPCEC security association, in
seconds. The default is 7200 (2 hours).
z IPSec Mode Group Choose the IPSEDC Perfect Forward
Secrecy (PFS) mode. The default is Group
2.
z IPSec Encryption Specifies the encryption type for IPSec.
The default is ESP-3DES.
z IPSec Hash Algorithm Specifies which hash algorithm will be
used by IKE. The choice in the dialer must
match the algorithm specified in the IPSec
IKE policy on the switch. The default is
SHA.