User's Manual

Chapter 8 Security
BM2022 Users Guide
This screen contains the following fields:
Table 56 IPSec VPN: Add
LABEL             DESCRIPTION
Property
Enable            Select Enable to activate this VPN policy.
Connection Name   Enter the name of the VPN connection.
Connection Type   Select the scenario that best describes your intended VPN connection.
                  Initiator - Choose this to connect to an IPSec server. The BM2022 is the
                  client (dial-in user) and can initiate the VPN connection.
                  On Demand - Choose this if the remote IPSec router has a static IP address
                  or a domain name. This BM2022 can initiate the VPN tunnel.
                  Responder - Choose this to allow incoming connections from IPSec VPN
                  clients. The clients can have dynamic IP addresses and are also known as
                  dial-in users. Only the clients can initiate the VPN tunnel.
Gateway Information
Local Endpoint
Interface         Select the interface for the VPN gateway.
IP Address        Enter the IP address of the BM2022 in the IKE SA.
Remote Endpoint
IP Address        Enter the IP address of the remote IPSec router in the IKE SA.
Authentication Method
Pre-Shared Key    Type your pre-shared key in this field. A pre-shared key identifies a
                  communicating party during a phase 1 IKE negotiation.
                  Type from 8 to 31 case-sensitive ASCII characters or from 16 to 62
                  hexadecimal ("0-9", "A-F") characters. You must precede a hexadecimal key
                  with a "0x" (zero x), which is not counted as part of the 16 to 62
                  character range for the key. For example, in "0x0123456789ABCDEF", 0x
                  denotes that the key is hexadecimal and 0123456789ABCDEF is the key itself.
Local ID Type     Select IP to identify the BM2022 by its IP address.
                  Select Domain Name to identify this BM2022 by a domain name.
                  Select E-mail to identify this BM2022 by an e-mail address.
Content           When you select IP in the Local ID Type field, type the IP address of your
                  computer in the Content field. If you configure the Content field to
                  0.0.0.0 or leave it blank, the BM2022 automatically uses the Pre-Shared Key
                  (refer to the Pre-Shared Key field description).
                  It is recommended that you type an IP address other than 0.0.0.0 in the
                  Content field or use the Domain Name or E-mail ID type in the following
                  situations.
                  - When there is a NAT router between the two IPSec routers.
                  - When you want the remote IPSec router to be able to distinguish between
                    VPN connection requests that come in from IPSec routers with dynamic
                    WAN IP addresses.
                  When you select Domain Name or E-mail in the Local ID Type field, type a
                  domain name or e-mail address by which to identify this BM2022 in the Local
                  Content field. Use up to 31 ASCII characters including spaces, although
                  trailing spaces are truncated. The domain name or e-mail address is for
                  identification purposes only and can be any string.
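
The Pre-Shared Key rules in the table above, as an added Python example (not code from this guide or from the BM2022): it checks a candidate key against the stated length and character ranges and generates a random hexadecimal key of the maximum length. Reading "ASCII" as printable ASCII, accepting only uppercase A-F, treating any key that starts with 0x as hexadecimal, and rejecting the guide's own sample key are assumptions of this example.

```python
import re
import secrets

# Hex body after "0x": 16 to 62 characters from 0-9, A-F (the prefix is not counted).
# Assumption: only the uppercase letters the table lists are accepted.
HEX_BODY = re.compile(r"[0-9A-F]{16,62}")

# The guide's own sample key is public, so it must never be deployed (added policy).
DOCUMENTED_EXAMPLES = {"0x0123456789ABCDEF"}


def classify_psk(key: str) -> str:
    """Return 'hex' or 'ascii' if key fits the Pre-Shared Key field, else raise."""
    if key in DOCUMENTED_EXAMPLES:
        raise ValueError("key is the sample printed in the guide")
    if key.startswith("0x"):
        # Assumption: anything starting with 0x is read as a hexadecimal key.
        if HEX_BODY.fullmatch(key[2:]):
            return "hex"
        raise ValueError("after 0x, use 16 to 62 characters from 0-9 and A-F")
    # Assumption: "ASCII characters" means printable ASCII, space through tilde.
    if 8 <= len(key) <= 31 and all(" " <= c <= "~" for c in key):
        return "ascii"
    raise ValueError("use 8 to 31 printable ASCII characters")


def generate_hex_psk(hex_chars: int = 62) -> str:
    """Build a random hexadecimal key (4 bits per character) with the 0x prefix."""
    # Even lengths only, because secrets.token_hex emits two characters per byte.
    if not 16 <= hex_chars <= 62 or hex_chars % 2:
        raise ValueError("hex_chars must be an even number from 16 to 62")
    key = "0x" + secrets.token_hex(hex_chars // 2).upper()
    classify_psk(key)  # the generated key must pass the same field rules
    return key


if __name__ == "__main__":
    fresh = generate_hex_psk()
    print(fresh, classify_psk(fresh))
    for candidate in ("0x0123456789ABCDEF", "0xABC", "summer24"):  # constructed inputs
        try:
            print(candidate, "->", classify_psk(candidate))
        except ValueError as err:
            print(candidate, "-> rejected:", err)
```

A key such as "summer24" passes the field's format rules while remaining guessable, which is why the generator draws the full 62 hexadecimal characters from a cryptographic random source.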