User's Manual

Name Description

Start IP Address The only IP address allowed in the subnet

Subnet Mask The netmask of the subnet (Subnet address)

Remote Port

Restrict the traffic selector to a single protocol and/or port.

 Any: No restriction

 ICMP: Restrict the traffic selector to ICMP protocol.

 TCP: Restrict the traffic selector to TCP protocol. If the port number

is 0, all TCP port numbers are accepted.

 UDP: Re strict t he t raffic selector to UDP protoco l. If the port

number is 0, all UDP port numbers are accepted.

IPSec Proposal

Encapsulation Mode

The type of the connection:

 Tunnel: signifying a host-to-host, host-to-subnet, or subnet-to

subnet tunnel.

 Transport: signifying host-to-host transport made.

Active Protocol

Whether authentication should be done as part of ESP encryption and/or

separately using the AH protocol.

Encryption Algorithm

 NULL

 AES128

 AES192

 AES256

 DES

 3DES

Authentication Algorithm

 MD5

 SHA-1

SA Life Time

The time interval a particular instance of a connection (a set of

encryption/authentication key for user packets) should last, from

successful negotiation to expiry.

Perfect Forward Secrecy

(PFS)

Whether Perfect Forward Secrecy of keys is desired on the connection's

keying channel.

Save Commit the changes made and save to the CPE device

Cancel Reset fields to the last saved values.

Table 20 Field definition for VPN>IPsec>Add