Manualshelf

Quick Reference Guide

ManualsBrandsNETGEAR ManualsHardwareDG834GV4
81828384858687888990
ADSL2+ Modem Wireless Router DG834G Reference Manual
6-4 Virtual Private Networking
v2.0, September 2007
Will either endpoint use fully qualified domain names (FQDNs)? FQDNs supplied by
Dynamic DNS providers (see “Using a Fully Qualified Domain Name (FQDN)” on page B-7)
can allow a VPN endpoint with a dynamic IP address to initiate or respond to a tunnel request.
Otherwise, the side using a dynamic IP address must always be the initiator.
Which method will you use to configure your VPN tunnels?
The VPN Wizard using VPNC defaults (see Table 6-2)
The typical automated Internet Key Exchange (IKE) setup (see “Using Auto Policy to
Configure VPN Tunnels” on page 6-32)
A manual keying setup in which you must specify each phase of the connection (see
“Using Manual Policy to Configure VPN Tunnels” on page 6-41)?
What level of IPSec VPN encryption will you use?
DES. The Data Encryption Standard (DES) processes input data that is 64 bits wide,
encrypting these values using a 56-bit key. Faster but less secure than 3DES.
3DES. Triple DES achieves a higher level of security by encrypting the data three times
using DES with three different, unrelated keys.
What level of authentication will you use?
MDS. 128 bits, faster but less secure.
SHA-1. 160 bits, slower but more secure.
Table 6-2. Parameters Recommended by the VPNC and Used in the VPN Wizard
Parameter Factory Default
Secure Association Main Mode
Authentication Method Pre-shared Key
Encryption Method 3DES
Authentication Protocol SHA-1
Diffie-Hellman (DH) Group Group 2 (1024 bit)
Key Life 8 hours
IKE Life Time 1 hour