User guide
VPN SETUP
■ Dead Peer Detection: This feature detects whether the remote VPN gateway is still present. Specify the
interval between detections and the timeout value.
■ XAUTH: With the extended authentication function (XAUTH), the VPN client (or initiator) must provide
additional user information to the remote VPN server (or VPN gateway). The VPN server rejects a
connection request from a VPN client whose user information is invalid, even if the pre-shared key is
correct. This function is suitable for remote mobile VPN clients. In addition to configuring a VPN rule with a
pre-shared key for all remote users, you can designate an account and password for specific users who
are permitted to establish a VPN connection with the VPN server.
■ XAUTH - None: Extended authentication (XAUTH) is not used.
■ XAUTH - Server: Check if the device acts as a VPN server and will validate the user information of
VPN clients. Click the "XAUTH Account" button on the IPSec Setting main page to edit the permitted
user accounts and passwords.
■ Set IKE Proposal: Check to enable IKE proposals.
■ Encryption: Five algorithms can be selected: DES, 3DES, AES-128, AES-192, and AES-256.
■ Authentication: Two algorithms can be selected: SHA1 and MD5.
■ DH Group: Three groups can be selected: Group 1 (MODP768), Group 2 (MODP1024), and
Group 5 (MODP1536).
■ Enable: Check to enable the IKE Proposal with this rule.
■ Set IPSec Proposal: Check to enable IPSec proposals.
■ Encryption: Five algorithms can be selected: DES, 3DES, AES-128, AES-192, and AES-256. When
the encapsulation protocol is set to AH, you can also choose Null (no encryption).
■ Authentication: Two algorithms can be selected: SHA1 and MD5. None can also be selected
here for the IPSec proposal.
■ Enable: Check to enable the IPSec Proposal with this rule.
IPSec-IKE Setting
■ Tunnel name: Assign a name for this tunnel.
■ Method: There are IKE and Manual options. Choose IKE here.
■ Local subnet: The subnet of the LAN site of the local VPN gateway. It can be a host, a partial subnet, or the
whole subnet of the LAN site of the local gateway.
■ Local Netmask: The local netmask and associated local subnet can define a subnet domain for the devices
connected via the VPN tunnel.
■ Remote subnet: The subnet of the LAN site of the remote VPN gateway. It can be a host, a partial subnet, or the
whole subnet of the LAN site of the remote gateway.
■ Remote Netmask: The remote netmask and associated remote subnet can define a subnet domain for the
devices connected via the VPN tunnel.
■ Remote Gateway: Enter the IP address of the remote VPN gateway.
■ Phase 1 Key Life Time: The lifetime of the key used for Phase 1 between the two end gateways.
■ Phase 2 Key Life Time: The lifetime of the key used for Phase 2 between the two end gateways.
■ Encapsulation Protocol: Three protocols can be selected: ESP, AH, or ESP+AH.
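Added example (not part of the MultiConnect guide or the router's software): a Python check that reviews one tunnel's IKE and IPSec proposal choices, using only the option names listed above and the rule that Null encryption goes with AH encapsulation. The settings dictionary layout, the function names, and the policy of flagging DES, MD5 and Group 1 as deprecated are assumptions of this example.

```python
# Added example: option names are the ones this page lists; the dict layout
# and the weak/ok policy are assumptions of this example, not router behaviour.
ENCRYPTION = ["DES", "3DES", "AES-128", "AES-192", "AES-256"]  # weakest first
AUTHENTICATION = ["MD5", "SHA1"]
DH_GROUPS = ["Group 1", "Group 2", "Group 5"]
ENCAPSULATION = ["ESP", "AH", "ESP+AH"]
# Assumed policy: these listed options are treated as deprecated.
WEAK = {"DES", "MD5", "Group 1"}


def check_choice(phase, field, value, allowed, findings):
    """Record an error for an unlisted value, a warning for a weak one."""
    if value not in allowed:
        findings.append(("error", f"{phase} {field}: {value!r} is not an available option"))
    elif value in WEAK:
        findings.append(("weak", f"{phase} {field}: {value} is deprecated, prefer {allowed[-1]}"))


def audit_tunnel(cfg):
    """Return (severity, message) findings for one tunnel's proposal settings."""
    findings = []
    encap = cfg["encapsulation"]
    if encap not in ENCAPSULATION:
        findings.append(("error", f"encapsulation: {encap!r} is not an available option"))

    ike = cfg["ike"]
    check_choice("IKE", "encryption", ike["encryption"], ENCRYPTION, findings)
    check_choice("IKE", "authentication", ike["authentication"], AUTHENTICATION, findings)
    check_choice("IKE", "DH group", ike["dh_group"], DH_GROUPS, findings)

    ipsec = cfg["ipsec"]
    if ipsec["encryption"] == "Null":  # the page allows Null only with AH
        if encap != "AH":
            findings.append(("error", "IPSec encryption: Null requires AH encapsulation"))
    else:
        check_choice("IPSec", "encryption", ipsec["encryption"], ENCRYPTION, findings)
    if ipsec["authentication"] == "None":
        findings.append(("weak", "IPSec authentication: None leaves packets without an integrity check"))
    else:
        check_choice("IPSec", "authentication", ipsec["authentication"], AUTHENTICATION, findings)
    return findings


# Constructed sample settings, not taken from a real device.
SAMPLE = {"encapsulation": "ESP", "ipsec": {"encryption": "Null", "authentication": "SHA1"},
          "ike": {"encryption": "DES", "authentication": "MD5", "dh_group": "Group 1"}}

if __name__ == "__main__":
    print(*audit_tunnel(SAMPLE), sep="\n")
```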
MultiConnect® rCell 500 Series Router User Guide