Technical information

Watson SHDSL Router

Web-based Management Manual

Watson-SHDSL-Router-GUI-Manual.doc

Version 2.3-03

8-54

Revision: 2012-02-29

 Connection type: Tunnel, Transport

 Use of Internet Security Association and Key Management Protocol (ISAKMP)

in main and aggressive modes

 Key management: Manual, Automatic (Internet Key Exchange)

 NAT Traversal Negotiation for resolution of NATed tunnel endpoint scenarios

 Dead Peer Detection for tunnel disconnection in case the remote endpoint

ceases to operate

 Gateway authentication: X.509, RSA signatures and pre-shared secret key

 IP protocols: ESP, AH

 Encryption: AES, 3DES, DES, NULL, HW encryption integration

 Authentication: MD5, SHA-1

 IP Payload compression

 Interoperability: VPNC Certified IPSec, Windows 2000, Windows NT,

FreeS/WAN, FreeBSD, Checkpoint Firewall-1, Safenet SoftRemote, Net-

Screen, SSH Sentinel

8.4.1.2 IPSec Settings

Access this feature either from the 'VPN' menu item under the 'Services' tab, or by

clicking the IPSec icon in the 'Advanced' screen. The 'Internet Protocol Security

(IPSec)' screen appears.

Figure 8-59: Internet Protocol Security (IPSec)

This screen enables you to configure:

Block Unauthorized IP Select the Enabled check-box to block unauthorized IP

packets to Watson. Specify the following parameters:

Maximum Number of Authentication Failures The maximum number of packets

to authenticate before blocking the origin's IP address.

Block Period (in seconds) The timeframe in which packets from an unauthorized

IP address will be dropped.