User guide

ManualsBrandsVelocity ManualsComputer equipmentEdge GX440

ALEOS 4.2.3 User Guide

80 20080616

Field Description

General

VPN # Type Use this field to enable or disable the VPN # tunnel. If custom settings are used, they will

be saved and the tunnel can be disabled and re-enabled without needing to reenter any of

the settings. For a successful configuration, all settings for the VPN tunnel must be

identical between the AirLink Device VPN and the enterprise VPN server.

Options:

• Tunnel Disabled

• IPsec Tunnel

• GRE Tunnel

• SSL Tunnel

• L2TP+IPsec

Default: Tunnel Disabled.

VPN # Status Indicates the current status of the VPN # connection. Use this when troubleshooting a

VPN # connection. Options: Disabled, Not Connected, or Connected.

VPN Gateway

Address

The IP address of the server that this client connects to. This IP address must be open to

connections from the AirLink Device Box.

Pre shared Key 1 Pre-shared Key (PSK) used to initiate the VPN tunnel.

My Identity If these fields are left blank, My Identity will default to the WAN IP address assigned by the

carrier and Peer Identity will default to the VPN Server IP. For a fully qualified domain name

(FQDN), these values should be preceded by an ‘@’character (@www.domain.com). For

user-FQDN, these values should include a username (user@domain.com)

Peer Identity Required in some configurations to identify the client or peer side of a VPN connection.

Default: The VPN server IP address.

Negotiation Mode Enable this configuration to operate the onboard VPN under Aggressive mode. Aggressive

mode offers increased performance at the expense of security.

Options: Main Mode or Aggressive Mode. Default: Main Mode.

IKE Encryption

Algorithm

Determines the type and length of encryption key used to encrypt/decrypt ESP

(Encapsulating Security Payload) packets. 3DES supports 168-bit encryption. AES

(Advanced Encryption Standard) supports both 128-bit and 256-bit encryption.

Options: DES, Blowfish, 3DES, Cast 128, AES-128, and AES-256. Default: AES-128.

IKE Authentication

Algorithm

MD5 is an algorithm that produces a 128-bit digest for authentication. SHA1 is a more

secure algorithm that produces a 160-bit digest.

Options: MD5, SHA1, and SHA256. Default: SHA1.

IKE Key Group Options: DH1, DH2, or DH5. Default: DH2

IKE SA Life Time Determines how long the VPN tunnel is active in seconds.

Options: 180 to 86400. Default: 7200.

Local Address Type The network information of the device. Options: Use the Host Subnet, Single Address, and

Subnet Address. Default: Subnet Address.

Local Address Device subnet address.

Local Address -

Netmask

Device subnet mask information. 24-bit netmask.

Default: 255.255.255.0