User's Manual

ManualsBrandsSMC Networks ManualsComputers & AccessoriesDOCSIS 3.0 Wireless Cable Modem Gateway

151

152

153

154

155

156

157

158

159

160

錯誤! 尚未定義樣式。

158

SMCD3GN2 Wireless Cable Modem Gateway Administrator Manual

9. To delete a tunnel, click the radio button to the left of the tunnel you want to delete and

click the Delete button. No precautionary message appears before you delete a tunnel.

Table 34. VPN – Adding VPN Tunnel Menu Options

Option Description

Local Host Setting Intranet Configuration

Protect Private Lan button Click this button to automatically populate the Intranet Address and Intranet Subway Mask fields with

unique private LAN values.

Protect Public Lan button Click this button to automatically populate the Intranet Address and Intranet Subway Mask fields with

unique public LAN values.

Local ID ID to identify and authenticate the local host.

Intranet Address IP address of the local host. You can manually add this information, or use the Protect Private Lan

or Protect Public Lan button to auto-assign a unique IP address for the private or public LAN,

respectively.

Intranet Subnet Mask Subnet mask of the local host. You can manually add this information, or use the Protect Private

Lan or Protect Public Lan button to auto-assign a unique subnet mask for the private or public LAN,

respectively.

Remote Gateway

Remote Gateway ID ID to identify and authenticate the remote gateway at the other end of the VPN tunnel.

Remote Gateway Address IP address of the remote gateway at the other end of the VPN tunnel.

Pre-shared Key A “pass code” that must be the same at both the local and the remote side. Both ends of the tunnel

must use the same key; otherwise, the VPN tunnel cannot be established.

Key Management / IKE

IKE Life Duration Length to time or amount of transfer before the Security Association is renegotiated.

Authentication method Authentication mode used for keying the IPSec connection. Both ends of the tunnel must use the

same setting; otherwise, the VPN tunnel cannot be established.

IKE Hash Checks that the data has not changed in transmission. Both ends of the tunnel must use the same

setting; otherwise, the VPN tunnel cannot be established. Choices are:

• MD5 = faster than SHA, but less secure. (default)

• SHA = a one-way hashing algorithm that produces a 160-bit digest. SHA is more secure than

MD5.

IKE Encryption Encryption algorithm used during the Authentication phase. Choices are

• BLOWFISH = a symmetric encryption algorithm that uses the same secret key to both encrypt and

decrypt messages. Blowfish is also a block cipher that divides a message into fixed length blocks

during encryption and decryption. Blowfish has a 64-bit block size and a key length of anywhere

from 32 bits to 448 bits, and uses 16 rounds of main algorithm. (default)

• 3DES = triple DES is a symmetric strong encryption algorithm that is compliant with the OpenPGP

standard. It is the application of DES standard, where three keys are used in succession to provide

additional security.

• AES = Advanced Encryption Standard offers the highest standard of security. The effective key

lengths that can be used with AES are 128, 192, and 256 bits. The higher the bit rate, the stronger

the encryption but the trade-off is lower throughput. More secure than 3DES.

Both ends of the tunnel must use the same setting; otherwise, the VPN tunnel cannot be established.