Specifications
Issue 1.0, April 2006 Section 364-180-N02
©2006 Charles Industries, Ltd.
All rights reserved. Printed in United States of America.
94
Figure 6-59 Web Tool – IPSec: Create New IPSec Endpoint page
• Endpoint ID: This must correspond with the remote gateway’s Negotiation ID. For
instance, the Branch office, with a Negotiation ID of remote@ABCD.com, will use a
Endpoint ID of
main@ABCD.com (which is the Negotiation ID of the Main office). Or,
in Main Mode, the Endpoint ID will be the WAN IP address of the Main Office VPN
Router (in our example, 66.122.47.30).
• Termination IP address: the IP address of the external interface of the VPN router.
• IKE:
authentication method
Select Pre-shared Key
pre-shared key
Both gateways must use the same value.
encryption algorithm
The options include: 3des, des, blowfish
hash algorithm
The options include: md5, shal
• SA lifetime (seconds): Specifies the time-to-live for the overall security
association. When the SA expires, all keys negotiated under the association (AH or
ESP) must be renegotiated regardless of the time-to-live remaining for the keys. It
is specified as the maximum number of seconds the SA can be used. The default
value is 3600.
• IPSec:
protocol
The options include: ah, esp, ipcomp,
ah-esp, ah-ipcomp, esp-ipcomp.
ESP transform
The options include: 3des, des, blowfish,
ro4, esp-null, null.
ESP auth
The options include: md5, shal, des-mac,
The availability of features and technical specifications herein subject to change without notice.