User's Manual Part 1

Chapter 8 Security
BM2022w User’s Guide
This screen contains the following fields:
Table 62 IPSec VPN: Add
LABEL DESCRIPTION
Property
Enable Select Enable to activate this VPN policy.
Connection Name Enter the name of the VPN connection.
Connection Type Select the scenario that best describes your intended VPN connection.
Initiator - Choose this to connect to an IPSec server. The BM2022w is the client
(dial-in user) and can initiate the VPN connection.
On Demand - Choose this if the remote IPSec router has a static IP address or a
domain name. This BM2022w can initiate the VPN tunnel.
Responder - Choose this to allow incoming connections from IPSec VPN clients.
The clients can have dynamic IP addresses and are also known as dial-in users.
Only the clients can initiate the VPN tunnel.
Gateway Information
Local Endpoint
Interface Select the interface for the VPN gateway.
IP Address Enter the IP address of the BM2022w in the IKE SA.
Remote Endpoint
IP Address Enter the IP address of the remote IPSec router in the IKE SA.
Authentication Method
Pre-Shared Key Type your pre-shared key in this field. A pre-shared key identifies a
communicating party during a phase 1 IKE negotiation.
Type from 8 to 31 case-sensitive ASCII characters or from 16 to 62 hexadecimal
("0-9", "A-F") characters. You must precede a hexadecimal key with a "0x" (zero
x), which is not counted as part of the 16 to 62 character range for the key. For
example, in "0x0123456789ABCDEF", "0x" denotes that the key is hexadecimal
and "0123456789ABCDEF" is the key itself.
Local ID Type Select IP to identify the BM2022w by its IP address.
Select Domain Name to identify this BM2022w by a domain name.
Select E-mail to identify this BM2022w by an e-mail address.
Content When you select IP in the Local ID Type field, type the IP address of your
computer in the Content field. If you configure the Content field to 0.0.0.0 or
leave it blank, the BM2022w automatically uses the Pre-Shared Key (refer to
the Pre-Shared Key field description).
It is recommended that you type an IP address other than 0.0.0.0 in the
Content field or use the Domain Name or E-mail ID type in the following
situations:
When there is a NAT router between the two IPSec routers.
When you want the remote IPSec router to be able to distinguish between VPN connection requests that come in from IPSec routers with dynamic WAN IP addresses.
When you select Domain Name or E-mail in the Local ID Type field, type a
domain name or e-mail address by which to identify this BM2022w in the Local
Content field. Use up to 31 ASCII characters including spaces, although trailing
spaces are truncated. The domain name or e-mail address is for identification
purposes only and can be any string.
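
The following is an added example, not part of the BM2022w manual or firmware: a Python check of a candidate key against the length and prefix rules given for the Pre-Shared Key field, plus a generator for a random hexadecimal key of the longest accepted size. The function names are hypothetical, and the handling of lowercase hex digits, non-printable characters and malformed "0x" keys is an assumption, since the manual does not say how the device treats them.

```python
import secrets
import string

HEX_DIGITS = set("0123456789ABCDEF")  # the manual lists "0-9", "A-F" only
# Assumption: "ASCII characters" means printable ASCII including the space.
PRINTABLE = set(string.printable) - set("\t\n\r\x0b\x0c")


def check_psk(value):
    """Classify a candidate key. Returns (kind, detail); kind is
    "hex", "ascii" or "invalid"."""
    if value.startswith("0x"):
        # Assumption: a 0x prefix always means a hexadecimal key was intended,
        # so a malformed one is rejected rather than read as an ASCII key.
        digits = value[2:]  # the prefix is not counted in the 16 to 62 range
        if not 16 <= len(digits) <= 62:
            return "invalid", f"hex key has {len(digits)} digits, need 16 to 62"
        bad = sorted(set(digits) - HEX_DIGITS)
        if bad:
            # Conservative assumption: lowercase a-f is not accepted.
            return "invalid", f"characters outside 0-9/A-F: {''.join(bad)}"
        return "hex", f"{len(digits) * 4} bits of key material"
    if not 8 <= len(value) <= 31:
        return "invalid", f"ASCII key has {len(value)} characters, need 8 to 31"
    if not set(value) <= PRINTABLE:
        return "invalid", "non-ASCII or control characters present"
    return "ascii", f"{len(value)} case-sensitive characters"


def new_hex_psk(digits=62):
    """Generate a random key in the 0x... form (default: longest allowed)."""
    if not 16 <= digits <= 62:
        raise ValueError("digits must be between 16 and 62")
    return "0x" + "".join(secrets.choice("0123456789ABCDEF") for _ in range(digits))


if __name__ == "__main__":
    # Constructed sample keys; the first is the example from the manual.
    samples = ["0x0123456789ABCDEF", "0x0123456789ABCDE", "0x0123456789abcdef",
               "secret1", "Correct-Horse-42", new_hex_psk()]
    for s in samples:
        print(f"{s!r} -> {check_psk(s)}")
```

Both IPSec routers must be configured with the same key, so generate it once and enter the identical string on each side.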