User's Manual
Table Of Contents
- Welcome!
- Getting Familiar with your Gateway
- Installing your SR700ac Gateway
- Logging into your Gateway's UI
- Device Info
- Advanced Setup
- LTE WAN Service
- Wireless
- Diagnostics
- Management
- Logging Out
- Appendix: Compliance Statements
- Revision History
SMARTRG INC. PROPRIETARY AND CONFIDENTIAL. ALL RIGHTS RESERVED. COPYRIGHT © 2017 83
Field Name Description
IPSec Connection Name A free form text field. Enter a descriptive name for this connection
IP Version Select the IP version environment associated with your infrastructure. Options are
IPv4
and
IPv6
.
Tunnel Mode Select the encapsulation method to be used. Options are:
l ESP: Use this mode to encapsulate a packet with ESP and IP headers. An ESP trailer is added to
the packet for authentication and integrity.
l AH: Use this mode to encapsulate a packet with AH and IP headers. For authentication, the
entire packet is signed.
Local Gateway Interface Select the WAN connection to be associated with this tunnel.
Remote IPSec Gateway
Address
Enter the WAN IP for this tunnel.
Tunnel Access From Local
IP Addresses
Select IP information for site A and B. Options are:
l Subnet: Allows access to the entire LAN.
l Single Address: For single host, select this option.
IP Address for VPN Enter the IP address for local access.
Mask or Prefix Length Enter the subnet mask or prefix length for IP address entered for local access, e.g., 255.255.255.0.
Tunnel Access From
Remote IP Addresses
Select IP information for site A and B. Options are:
l Subnet: Allows access to the entire LAN.
l Single Address: For single host, select this option.
IP Address for VPN Enter the IP address for remote access.
Mask or Prefix Length Enter the subnet mask or prefix length for IP address entered for remote access, e.g., 255.255.255.0.
Key Exchange Method The key-exchange method to be used for IPSec. Options are:
l Auto(IKE): This method uses the negotiated key-exchange method for IPSec. This is the default
and recommended for best results.
l Manual: This method requires that you configure the details.
Authentication Method Select the method by which the remote end will authenticate. Options are:
l Pre-Shared Key: A key is distributed to authorized users for logging into the system. Enter the
key in the Pre-shared Key field.
l Certificate (x.509): A certificate is used for authentication. Select the certificate file in the
Certificate field that appears.
Perfect Forward Secrecy This setting determines whether a session key derived from a set of long-term keys is compromised if
one of the long-term keys in the set is compromised.
l Enable: Prevents long-term key from being compromised.
l Disable: Permits long-term keys to be compromised.
Advanced IKE Settings
You can configure advanced IKE settings if desired.