User manual

- BaseWall VPN 6000 user manual -
Dead peer detection: when the tunnel does not connect directly, dead peer
detection closes the tunnel and tries to connect again. This can reduce
connectivity when the other side does not respond correctly.
NAT Traversal: when the tunnel is behind a NAT connection, the software
detects this and tries to compensate for it. With 'force' it always assumes
that it is behind a NAT. This firewall uses the RFC 3947 definition.
Lifetime: the time after which the software exchanges new keys for the tunnel.
14.3 Policy options
Type: AH is somewhat more secure, but NAT Traversal does not work in
combination with AH. Using only AH, without ESP, does not encrypt the data.
Modus: when multiple tunnels are defined behind the same host, the same
keys can be used for those tunnels. Cisco routers in particular need unique
keys for these tunnels.
Protocols: set this to 'any' when the other IPSec implementation cannot
handle the different protocols.
Direction: the direction of tunnel traffic that this policy allows (in/out/both).
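
Why the Type option rules out AH behind NAT, as an added example that is not part of the original manual or the BaseWall software: a simplified Python model in which the AH integrity check covers the outer IP addresses and the ESP check does not. The key, addresses, SPI and sequence number are constructed sample values, and HMAC-SHA256 stands in for whatever integrity algorithm the tunnel negotiates.

```python
import hashlib
import hmac
import ipaddress
import struct

KEY = b"constructed-demo-key"   # constructed sample key, not a real SA key
AH, ESP = 51, 50                # IP protocol numbers for AH and ESP

def icv_input(proto, hdr, body):
    """Bytes covered by the integrity check value for each protocol."""
    if proto == AH:
        # AH (RFC 4302) covers the immutable outer IP header fields, including
        # both addresses; mutable fields such as TTL are treated as zero.
        return (ipaddress.IPv4Address(hdr["src"]).packed
                + ipaddress.IPv4Address(hdr["dst"]).packed
                + struct.pack("!BB", proto, 0) + body)
    # ESP (RFC 4303) covers only the ESP header (SPI, sequence) and its body.
    # SPI 0x1001 and sequence 1 are constructed values.
    return struct.pack("!II", 0x1001, 1) + body

def icv(proto, hdr, body):
    return hmac.new(KEY, icv_input(proto, hdr, body), hashlib.sha256).digest()

def forward(hdr, nat_src=None):
    """Model one hop: TTL always drops; a NAT hop also rewrites the source."""
    out = dict(hdr, ttl=hdr["ttl"] - 1)
    if nat_src:
        out["src"] = nat_src
    return out

def verifies_after(proto, nat_src=None):
    """True if the receiver's ICV check passes after the packet crosses one hop."""
    body = b"constructed tunnel payload"
    sent = {"src": "192.168.1.10", "dst": "203.0.113.5", "ttl": 64}
    tag = icv(proto, sent, body)              # computed by the sender
    received = forward(sent, nat_src)
    return hmac.compare_digest(tag, icv(proto, received, body))

if __name__ == "__main__":
    for name, proto in (("AH", AH), ("ESP", ESP)):
        print(name, "routed:", verifies_after(proto),
              "NATed:", verifies_after(proto, "198.51.100.7"))
```

AH passes an ordinary routed hop but fails once the source address is rewritten, while the ESP check is unaffected by the outer header.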