Specifications

ManualsBrandsMotorola ManualsComputer equipmentNetopia Embedded Software

151

152

153

154

155

156

157

158

159

160

Administrator’s Handbook

152

Local ID Mask If Aggressive mode is selected as the Negotiation Method, and Subnet as

the Local ID Type, this ﬁeld appears. This is the local (Gateway-side) sub-

net mask.

Remote ID Type If Aggressive mode is selected as the Negotiation Method, this option

appears. Selection options are: IP Address, Subnet, Hostname, ASCII.

Remote ID

Address/Value

If Aggressive mode is selected as the Negotiation Method, this ﬁeld

appears. This is the remote (central-ofﬁce-side) IP address (or Name Value,

if Subnet or Hostname are selected as the Local ID Type).

Remote ID Mask If Aggressive mode is selected as the Negotiation Method, and Subnet as

the Remote ID Type, this ﬁeld appears. This is the remote (central-ofﬁce-

side) subnet mask.

Pre-Shared Key

Type

The Pre-Shared Key Type classiﬁes the Pre-Shared Key. SafeHarbour sup-

ports ASCII or HEX types

Pre-Shared Key The Pre-Shared Key is a parameter used for authenticating each side. The

value can be ASCII or Hex and a maximum of 64 characters. ASCII is case-

sensitive.

DH Group Difﬁe-Hellman is a public key algorithm used between two systems to

determine and deliver secret keys used for encryption. Groups 1, 2 and 5

are supported.

PFS Enable Perfect Forward Secrecy (PFS) is used during SA renegotiation. When PFS

is selected, a Difﬁe-Hellman key exchange is required. If enabled, the PFS

DH group follows the IKE phase 1 DH group.

SA Encrypt Type SA Encryption Type refers to the symmetric encryption type. This encr yp-

tion algorithm will be used to encrypt each data packet. SA Encryption

Type values supported include DES and 3DES.

SA Hash Type SA Hash Type refers to the Authentication Hash algorithm used during SA

negotiation. Values supported include MD5 and SHA1. N/A will display if

NONE is chosen for Auth Protocol.

Invalid SPI

Recovery

Enabling this allows the Gateway to re-establish the tunnel if either the

Motorola Netopia® Gateway or the peer gateway is rebooted.

Soft MBytes Setting the Soft MBytes parameter forces the renegotiation of the IPSec

Security Associations (SAs) at the conﬁgured Soft MByte value. The value

can be conﬁgured between 1 and 1,000,000 MB and refers to data trafﬁc

passed. If this value is not achieved, the Hard MBytes parameter is

enforced. This parameter does not need to match the peer gateway

Soft Seconds Setting the Soft Seconds parameter forces the renegotiation of the IPSec

Security Associations (SAs) at the conﬁgured Soft Seconds value. The

value can be conﬁgured between 60 and 1,000,000 seconds. This param-

eter does not need to match the peer gateway.

Hard MBytes Setting the Hard MBytes parameter forces the renegotiation of the IPSec

Security Associations (SAs) at the conﬁgured Hard MByte value.

The value can be conﬁgured between 1 and 1,000,000 MB and refers to

data trafﬁc passed. This parameter does not need to match the peer gate-

way.

Hard Seconds Setting the Hard Seconds parameter forces the renegotiation of the IPSec

Security Associations (SAs) at the conﬁgured Hard Seconds value. The

value can be conﬁgured between 60 and 1,000,000 seconds This parame-

ter does not need to match the peer gateway.

Table 3: IPSec Tunnel Details page parameters