User's Manual Part 1

Chapter 8 Security
BM2022w User’s Guide
Table 62 IPSec VPN: Add
LABEL DESCRIPTION
Local Port Select how the BM2022w checks the connection. The peer must be configured to
respond to the method you select.
Select icmp to have the BM2022w regularly ping the address you specify to
make sure traffic can still go through the connection. You may need to configure
the peer to respond to pings.
Select tcp or udp to have the BM2022w regularly perform a TCP or UDP
handshake with the address you specify to make sure traffic can still go through
the connection. You may need to configure the peer to accept the TCP or UDP
connection. If you select tcp or udp, specify the port number to use for the
connectivity check.
Remote Network Remote IP addresses must be static and correspond to the remote IPSec router's
configured local IP addresses. The remote fields do not apply when the Remote
Endpoint field is configured to 0.0.0.0. In this case only the remote IPSec
router can initiate the VPN.
Two active SAs cannot both have the same local and remote IP address(es). Two
active SAs can have the same local or remote IP address, but not both. You can
configure multiple SAs between the same local and remote IP addresses, as long
as only one is active at any time.
Address Type Select Single address or Subnet address to specify if the VPN connection
terminates at an IP address or subnet.
Start IP Address If Single address is selected, enter a (static) IP address on the LAN behind the
remote IPSec router.
If Subnet address is selected, specify IP addresses on a network by their
subnet mask by entering a (static) IP address on the LAN behind the remote
IPSec router. Then enter the subnet mask to identify the network address.
Subnet Mask If Subnet address is selected, enter the subnet mask to identify the network
address.
Remote Port Select how the BM2022w checks the connection. The peer must be configured to
respond to the method you select.
Select icmp to have the BM2022w regularly ping the address you specify to
make sure traffic can still go through the connection. You may need to configure
the peer to respond to pings.
Select tcp or udp to have the BM2022w regularly perform a TCP or UDP
handshake with the address you specify to make sure traffic can still go through
the connection. You may need to configure the peer to accept the TCP or UDP
connection. If you select tcp or udp, specify the port number to use for the
connectivity check.
IPSec Proposal
Encapsulation Mode Select Tunnel mode or Transport mode from the drop-down list box.
Active Protocol Select the security protocols used for an SA.
Both AH and ESP increase processing requirements and communications latency
(delay).
If you select ESP here, you must select options from the Encryption Algorithm
and Authentication Algorithm fields (described below).
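
An added example (not from the BM2022w manual or firmware): a pre-deployment check of the Remote Network rule that two active SAs may not share both the local and the remote addresses. The dictionary layout, SA names and addresses are constructed, and "same" is assumed to mean identical once a start IP and subnet mask are reduced to the network address.

```python
import ipaddress
from itertools import combinations


def selector(address_type, start_ip, subnet_mask=None):
    """Normalize a Single/Subnet address entry to an ip_network object."""
    if address_type == "single":
        return ipaddress.ip_network(f"{start_ip}/32")
    if address_type == "subnet":
        # strict=False: any host address plus the mask identifies the network.
        return ipaddress.ip_network(f"{start_ip}/{subnet_mask}", strict=False)
    raise ValueError(f"unknown address type: {address_type!r}")


def find_conflicts(sas):
    """Return name pairs of ACTIVE SAs whose local AND remote selectors match."""
    active = [
        (sa["name"], selector(*sa["local"]), selector(*sa["remote"]))
        for sa in sas
        if sa["active"]
    ]
    return [(a[0], b[0]) for a, b in combinations(active, 2) if a[1:] == b[1:]]


# Constructed sample policy set (hypothetical names and addresses).
LAN = ("subnet", "192.168.1.1", "255.255.255.0")
SAMPLE_SAS = [
    {"name": "hq-a", "active": True, "local": LAN,
     "remote": ("subnet", "10.0.0.1", "255.255.255.0")},
    # Different start IPs, but both sides reduce to the same networks as hq-a.
    {"name": "hq-b", "active": True,
     "local": ("subnet", "192.168.1.77", "255.255.255.0"),
     "remote": ("subnet", "10.0.0.200", "255.255.255.0")},
    # Allowed: duplicates hq-a but is not active.
    {"name": "hq-backup", "active": False, "local": LAN,
     "remote": ("subnet", "10.0.0.1", "255.255.255.0")},
    # Allowed: same local side, different remote side.
    {"name": "branch", "active": True, "local": LAN,
     "remote": ("single", "10.0.5.9")},
]

if __name__ == "__main__":
    for first, second in find_conflicts(SAMPLE_SAS):
        print(f"conflict: active SAs {first} and {second} share both selectors")
```
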