User guide
IPsec User Guide
11 2120028
Remote Address 10.11.12.0 Address of the remote device.
Choose from two options: 5-
Single Address and 17-Subnet
Address.
Remote Address - end or mask 255.255.255.0 Subnet address with the Subnet
Mask.
IPSec Encryption Algorithm 3 You can choose other options
like, Blowfish, 3 DES, Cast 128
and AES. The option “0” indicates
that IPSec encryption may not be
used.
3DES or AES can be used for
stronger encryption.
IPSec Authentication Algorithm 2 Three different authentication
algorithms are among the drop-
down choices.
1-MD5 is for minimal security and
2-SH-1 is higher security. 5-SHA-
256 is also an option. “0” is also
an option for not applying IPSec
aunthentication algorithm.
IPSec Key Group 2 Different Key Groups are, 1-DH1,
2-DH2 and 5-DH5.
DH5 denotes highest security
IPSec SA Life Time 7200 (seconds) This indicates how often the
modem renegotiates the IKE SA.
While the renegotiation happens
the VPN tunnel gets
disconnected temporarily.
Incoming Out of Band 0 Enable (1) or Disable (0) access
to modem remotely from
machines that are not part of the
IPSec network.
Outgoing Aleos Out of Band 1 Enable (1) or Disable (0) sending
of ALEOS traffic over the IPSec
tunnel to a remote location.
This option allows ALEOS
generated data (E.g. RAP) to be
sent outside the IPSec tunnel.
Outgoing Host Out of Band 0 Enable (1) or Disable (0) access
to resources outside the IPSec
network. (e.g. Enable access to
sites like www.google.com over
non IPSec channel).
Table 2-1: Configuration Parameters in AceManager
Name Default Value Description