User's Manual
Table Of Contents
43
Key Set IPSec VPN key N/A
XAUTH Parameters (Advanced Option)
XAUTH Mode Click to enable XAUTH mode Disable
XATUTH username User defines XATUTH username N/A
XATUTH password User defines XATUTH password N/A
MODECFG Click to enable MODECFG Disable
Phase II Parameters
IPSec Strategy Multiple strategies available 3DES-MD5-96
IPSec Life Cycle Set IPSec life cycle 3600 s
Perfect Forward Secrecy
(PFS) (Advanced Option)
Select disable/Gro
up 1/Group
2/Group 5
Disable (this needs to
match the server)
Link Detection Parameters (Advanced Option)
DPD Interval Set time interval. 60 s
DPD Timeout Set the timeout for dropped packets. 180 s
ICMP Detection Server Set ICMP detection server N/A
ICMP Detection Local IP Set ICMP detection local IP N/A
ICMP Detection Interval Set ICMP Detection Interval 60 s
ICMP Detection Timeout Set ICMP detection timeout 5 s
ICMP Detection Retries Set ICMP detection max. retries 10
The security level of thr
ee encryption algorithms ranks successively: AES, 3DES, DES. The
implementation mechanism of encryption algorithm with stricter security is complex and slow
arithmetic speed. DES algorithm can satisfy the ordinary safety requirements.
3.6.3 GRE Tunnels
Generic Route Encapsulation (GRE) defines the encapsulation of any other network layer protocol
on a network layer protocol. GRE could be used as the L3TP of VPN to provide a transparent
transmission channel for VPN data. In simple terms, GRE is a tunneling technology which
provides a channel through which encapsulated data message could be transmitted and
encapsulation and decapsulation could be realized at both ends. GRE tunnel application
networking shown as the following figure: