User`s manual

• Configure the VPN tunnel.

VPN Tunnel

Name

Enter a name for the tunnel. The name can contain numbers (0-9) and upper and lower case

letters (A-Z, a-z), and the special characters - and _. Spaces and the @ character are not

allowed. If you are configuring a VPN between two DFL-500 gateways, it is recommended that

you use the same tunnel name on both sides of the VPN.

Local SPI

(Secure Parameter Index) Enter a hexadecimal number of up to eight digits (digits can be 0 to

9, a to f). This number must be added to the Remote SPI at the opposite end of the tunnel.

Remote SPI

Enter a hexadecimal number of up to eight digits. This number must be added to the Local SPI

at the opposite end of the tunnel.

Remote

Gateway

Enter the external IP address of the DFL-500 or other IPSec gateway at the opposite end of the

tunnel.

Encryption

Algorithm

Select an algorithm from the list. Make sure you use the same algorithm at both ends of the

tunnel.

Encryption Key

Required for encryption algorithms that include ESP-DES or ESP-3DES.

For all DES Encryption algorithms enter one hexadecimal number of up to 16 digits. Use the

same encryption key at both ends of the tunnel

For all 3DES encryption algorithms enter three hexadecimal numbers of up to 16 digits each.

Use the same encryption key at both ends of the tunnel.

Authentication

Key

Required for encryption algorithms that include MD5 or SHA1.

For MD5 encryption algorithms enter two hexadecimal numbers of 16 digits each. Use the

same authentication key at both ends of the tunnel.

For SHA1 encryption algorithms, enter two hexadecimal numbers, one of 16 digits and one of

20 digits. Use the same authentication key at both ends of the tunnel.

• Click OK to save the manual key VPN tunnel.

Example manual key exchange VPN tunnel:

Adding internal and external addresses

Use the procedure Adding internal and external addresses to configure the internal and external addresses

used by the VPN policy.

DFL-500 User’s Manual