Manualshelf

User's Manual

ManualsBrandsWuxi MitraStar Technology ManualsElectronicsEquipo para acceso Fibra Optica
12345678910
Chapter 16 IPSec VPN 117
This screen contains the following fields:
Table 70 IPSec VPN: Add
LABEL DESCRIPTION
IPSec Connection
Name
Enter the name of the VPN policy.
IP Version Set whether this policy uses IPv4 or IPv6.
Tunnel Mode Select the security protocol to use in the IPSec SA.
AH (RFC 2402) - provides integrity, authentication, sequence integrity (replay
resistance), and non-repudiation but not encryption.
ESP (RFC 2406) - provides encryption and the same services offered by AH, but
its authentication is weaker. The Router and remote IPSec router must use the
same active protocol.
Remote IPSec Gateway
Address
Enter the IP address of the remote IPSec router in the IKE SA.
Tunnel access from
local IP addresses
Select Single Address to have only one local LAN IP address use the VPN
tunnel. Select Subnet to specify local LAN IP addresses by their subnet mask.
IP Address for VPN If Single Address is selected, enter a (static) IP address on the LAN behind your
Router.
If Subnet is selected, specify IP addresses on a network by their subnet mask
by entering a (static) IP address on the LAN behind your Router. Then enter
the subnet mask to identify the network address.
Mask or Prefix Length If Subnet is selected, enter the subnet mask (for IPv4) or prefix length (for an
IPv6 address) to identify the network address.
The IPv6 prefix length specifies how many most significant bits (starting from
the left) in the address compose the network address.
Tunnel access from
remote IP addresses
Select Single Address to have only one remote LAN IP address use the VPN
tunnel. Select Subnet to specify remote LAN IP addresses by their subnet
mask.
IP Address for VPN If Single Address is selected, enter a (static) IP address on the LAN behind the
remote IPSec’s router.
If Subnet is selected, specify IP addresses on a network by their subnet mask
by entering a (static) IP address on the LAN behind the remote IPSec’s router.
Then enter the subnet mask to identify the network address.
Mask or Prefix Length If Subnet is selected, enter the subnet mask (for IPv4) or prefix length (for an
IPv6 address) to identify the network address.
The IPv6 prefix length specifies how many most significant bits (starting from
the left) in the address compose the network address.