User Manual
87
Field name
Value
Explanation
1.
Enable
Enabled/Disabled
Check box to enable IPSec.
2.
IKE version
IKEv1 or IKEv2
Method of key exchange
3.
Mode
“Main” or
“Aggressive”
ISAKMP (Internet Security Association and Key Management Protocol)
phase 1 exchange mode
4.
My identifier type
Address, FQDN,
User FQDN
Choose one accordingly to your IPSec configuration
5.
My identifier
Set the device identifier for IPSec tunnel.
In case RUT has Private IP, its identifier should be its own LAN network
address. In this way, the Road Warrior approach is possible.
6.
Dead Peer
Detection
Enabled/Disabled
The values clear, hold and restart all active DPD
7.
Pre shared key
A shared password to authenticate between the peer
8.
Remote VPN
endpoint
Domain name or IP address. Leave empty or any
9.
IP
address/Subnet
mask
Remote network secure group IP address and mask used to determine to
what subnet an IP address belongs to. Range [0-32]. IP should differ from
device LAN IP
10.
Enable keep alive
Enabled/Disabled
Enable tunnel keep alive function
11.
Host
A host address to which ICMP (Internet Control Message Protocol) echo
requests will be send
12.
Ping period (sec)
Send ICMP echo request every x seconds. Range [0-999999]
Phase 1 and Phase 2 must be configured accordingly to the IPSec server configuration, thus algorithms,
authentication and lifetimes of each phase must be identical.