WAN Configuration 4-19
3. Select the subnet that will be the local end of the tunnel from the Local Subnet menu.
4. Specify the IP address to use for the local WAN (Local Wan IP), which should be one of the (up to) eight
IP addresses specified in the WAN screen.
5. Specify the IP address for the Remote Subnet along with its subnet mask (Remote Subnet Mask).
Remote Subnet is the remote end of the VPN tunnel. This field accepts 0.0.0.0 as the remote subnet IP
address.
6. Specify the IP address for the Remote Gateway.
7. Click the Apply button to save the changes.
4.6.2 Setting Up VPN Security
The WS2000 Wireless Switch provides several different options for VPN security, all based upon encryption
key exchange:
1. Manual Key Exchange uses the Manual Key Settings screen to specify the transform sets that will
be used for VPN access.
A transform set is a combination of security protocols and algorithms that are applied to IPSec protected
traffic. A transform set specifies one or two IPSec security protocols (either AH, ESP, or both) and
specifies which algorithms to use with the selected security protocol. During security association (SA)
negotiation, both gateways agree to use a particular transform set to protect the data flow.
If you specify an ESP protocol in a transform set, you can specify just an ESP encryption transform or both
an ESP encryption transform and an ESP authentication transform. When a particular transform set is
used during negotiations for IPSec SAs, the entire transform set (the combination of protocols,
algorithms, and other settings) must match the transform set at the remote gateway.
2. Automatic Key Exchange enables the WS2000 Wireless Switch to automatically set encryption and
authentication keys for VPN access. The Auto Key Settings subscreen provides the means to specify the
type of encryption and authentication, without specifying the keys.
3. Internet Key Exchange (IKE) protocol is an IPSec standard protocol used to ensure security for VPN
negotiation and for remote host or network access. IKE provides an automatic means of negotiation and
authentication for communication between two or more parties. IKE manages IPSec keys automatically
for the parties.
Each of these options requires some configuration, as described below.
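The matching rule described under Manual Key Exchange above, as an added example (not taken from the WS2000 documentation): a Python check that compares the transform sets configured on the two gateways before the tunnel is brought up. The field names and the algorithm values are constructed for illustration and are not the switch's own identifiers.

```python
from dataclasses import dataclass, fields
from typing import List, Optional


@dataclass(frozen=True)
class TransformSet:
    """One gateway's transform set (hypothetical field names)."""
    ah_auth: Optional[str]   # AH authentication algorithm, None if AH is not used
    esp_enc: Optional[str]   # ESP encryption transform, None if ESP is not used
    esp_auth: Optional[str]  # ESP authentication transform, optional with ESP


def validate(ts: TransformSet) -> List[str]:
    """Return structural problems in a single transform set."""
    problems = []
    if ts.ah_auth is None and ts.esp_enc is None:
        problems.append("no security protocol selected (need AH, ESP, or both)")
    if ts.esp_auth is not None and ts.esp_enc is None:
        # The passage allows ESP encryption alone, or encryption plus authentication.
        problems.append("ESP authentication given without an ESP encryption transform")
    if ts.esp_enc is not None and ts.esp_auth is None and ts.ah_auth is None:
        problems.append("ESP encryption only: traffic has no integrity protection")
    return problems


def mismatches(local: TransformSet, remote: TransformSet) -> List[str]:
    """Return the fields on which the two ends disagree (empty list = sets match)."""
    return [f.name for f in fields(TransformSet)
            if getattr(local, f.name) != getattr(remote, f.name)]


def audit(local: TransformSet, remote: TransformSet) -> dict:
    """Combine per-gateway validation with the whole-set match required for an SA."""
    report = {"local": validate(local), "remote": validate(remote),
              "mismatch": mismatches(local, remote)}
    report["sets_match"] = not report["mismatch"]
    return report


# Constructed sample configurations: same protocols, different ESP authentication.
LOCAL = TransformSet(ah_auth=None, esp_enc="3DES", esp_auth="SHA1")
REMOTE = TransformSet(ah_auth=None, esp_enc="3DES", esp_auth="MD5")

if __name__ == "__main__":
    for key, value in audit(LOCAL, REMOTE).items():
        print(f"{key}: {value}")
```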
4.6.3 Configuring Manual Key Exchange
1. Select the Manual Key Exchange radio button.
2. Click the Manual Key Settings button to specify the encryption method. The following screen
appears. The setup process requires specifying both the authentication and the encryption methods and
keys.