Manualshelf

User manual

ManualsBrandsDigi ManualsOtherNetwork Router X8
101102103104105106107108109110
105
Configure Digi devices
5 In the Identity setting, specify how the VPN client and its security settings
will be identified to the remote VPN endpoint. This value must match the
value provided by the remote VPN endpoint. You can either specify an
identity string or use the mobile IP address as the entity.
Use the following as the identity:
Identity string: Identifies the VPN client with the remote VPN endpoint. The
default is macaddress@digi.com. You can also specify the identity as:
A Fully Qualified Domain Name (FQDN): Usually the FQDN of the Digi
Connect device. For example: www.myhost.com
A User FQDN: Similar to standard FQDN but with a user name. The
format is the same as an email address. For example: user@myhost.com
A Network Address (IPv4): A standard IP address (version 4) that uses
the standard IPv4 dotted format (four numeric values between 0 and 255
separated by periods). For example: 10.0.0.1
Use the Mobile IP Address as the identity: The IP address of your mobile
network interface will automatically be used as the VPN identity.
6 Specify the General Security Settings for the VPN connection.
Connection Mode: The method in which Internet Key Exchange (IKE) phase
one negotiations is completed. IKE phase one negotiations are used to establish
the various security settings and establish a secure channel for subsequent
messages.The default is Main Mode.
Main Mode: Processes phase one negotiations with three 2-way
exchanges between the VPN client and remote VPN endpoint. The
exchanges are meant to match Internet Key Exchange Security
Associations (SA) between peers to provide a protected pipe for
subsequent protected ISAKMP exchanges between the peers. The first
exchange is responsible for negotiating and agreeing upon the algorithms
and hashes/keys used to secure the Internet Key Exchange
communications. The second exchange uses a Diffie-Hellman exchange
per the specified Diffie-Hellman group to generate nonces and shared
secret keys in order to sign and prove identities. The third exchange
verifies the identity per the specified Identity.