User Guide

Parameter
Description
message tampering, leading to higher security than MD5.
Diffie-Hellman Group
Group information for the Diffie-Hellman algorithm, which generates the session key used to
encrypt the IKE tunnel. The setting should be the same as that of the remote gateway.
Key Expiration
Specifies the lifetime of the IKE SA. The default is 3600 seconds and the minimum is
600 seconds. When 540 seconds are left, the IKE SA is negotiated again.
PFS
Perfect Forward Secrecy (PFS) improves security by forcing a new Diffie-Hellman
exchange whenever the key expires.
Key negotiation: Manual
The following configuration area appears when Tunnel Protocol is set to AH+ESP.
Parameter description
Parameter
Description
ESP Encryption Algorithm
The router supports the following ESP encryption algorithms:
- 3DES (default): Three 56-bit keys are used for encryption. A key of 24 ASCII
characters or 48 hexadecimal characters is required.
- DES: A 56-bit key is used to encrypt 64-bit data. The last 8 bits of the 64-bit data are
used for parity check. A key of 8 ASCII characters or 16 hexadecimal characters is
required.
- AES-128: A 128-bit key is used for encryption. A key of 16 ASCII characters or 32