
Example 4 – SSH Sentinel Accessing LAN Through the RouteFinder
Multi-Tech Systems, Inc. RF760VPN/RF660VPN/RF600VPN Setup Examples Reference Guide (S000283D) 38
The IKE protocol automatically negotiates protocols and encryption algorithms, and it automatically
exchanges keys. The following parameters must be set.
a) Connection name
Enter a text name that will identify the connection for you. For this example, enter Sentinel.
b) Compression
Do not check for this example.
c) Perfect Forward Secrecy (PFS)
Check the PFS checkbox to enable PFS (a concept in which the newly generated keys are
unrelated to the older keys). This is enabled by default.
d) Authentication Method
Check the Secret authentication method.
e) Secret
Since the authentication method is Secret, this field must be configured. The Secret must be
agreed upon and shared by the VPN endpoints; it must be configured at both endpoints of the
tunnel.
f) Select Encryption
Select the 3DES encryption method for this example.
g) IKE Life Time
The duration for which the ISAKMP SA should last, from successful negotiation to expiration. The
default value is 3600 seconds and the maximum is 28800 seconds.
h) Key Life
The duration for which the IPSec SA should last, from successful negotiation to expiration. The
default value is 28800 seconds and the maximum is 86400 seconds.
i) Number of Retries (Zero for Unlimited)
Enter the number of retries you want the device to make in order to establish the connection.
Use zero for unlimited retries.
j) Local WAN IP
This is the interface initiating the IPSec tunnel. For this example, select WAN.
k) Local LAN
Local security gateway for which the security services should be provided. Select LAN.
l) Remote Gateway IP or FQDN
Interface where the IPSec tunnel ends. If you use a Dynamic IP address, this should be configured
to ANY. If you use a Static IP Address, then set to IP=Sentinel Client.
m) Remote LAN
Remote security gateway for which the security services should be provided. If the remote end is
the host, this should be configured as None.
n) UID (Unique Identifier String)
It is recommended that you accept the default to disable UID.
Note: When enabled, UID is used for compatibility purposes (other IPSec VPN gateways might
require you to input a Local and Remote IPSec Identifier).
o) Local ID
Do not set for this example.
p) Remote ID
Do not set for this example.
q) NetBIOS Broadcast
Do not set for this example.
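
The following Python check is an added example, not part of the Multi-Tech guide or the RouteFinder software. It tests a set of IKE connection settings against the limits and dependencies listed in items a) through q), and compares the two tunnel endpoints for the shared Secret. The dictionary field names and sample values are hypothetical and constructed for illustration.

```python
# Added example: field names are hypothetical, not a RouteFinder format or API.
IKE_LIFE_MAX = 28800   # seconds, maximum stated in the guide
KEY_LIFE_MAX = 86400   # seconds, maximum stated in the guide


def check_endpoint(cfg):
    """Return a list of problems in one endpoint's IKE connection settings."""
    problems = []
    if cfg["auth_method"] == "Secret" and not cfg.get("secret"):
        problems.append("Secret authentication selected but Secret is empty")
    # Lower bound of 1 second is an assumption; the guide gives only maxima.
    if not 1 <= cfg["ike_life"] <= IKE_LIFE_MAX:
        problems.append("IKE Life Time must be 1..%d s" % IKE_LIFE_MAX)
    if not 1 <= cfg["key_life"] <= KEY_LIFE_MAX:
        problems.append("Key Life must be 1..%d s" % KEY_LIFE_MAX)
    if cfg["retries"] < 0:
        problems.append("Number of Retries must be 0 (unlimited) or more")
    if cfg["remote_ip_dynamic"] and cfg["remote_gateway"] != "ANY":
        problems.append("Remote Gateway must be ANY for a dynamic-IP peer")
    if cfg["remote_is_host"] and cfg["remote_lan"] != "None":
        problems.append("Remote LAN must be None when the remote end is a host")
    return problems


def check_pair(gateway, client):
    """Return problems that only show up when both tunnel ends are compared."""
    problems = []
    if gateway.get("secret") != client.get("secret"):
        problems.append("Secret differs between the two endpoints")
    # General IKE behaviour, not a statement from the guide: both ends need
    # a common encryption algorithm for negotiation to succeed.
    if gateway["encryption"] != client["encryption"]:
        problems.append("Encryption differs between the two endpoints")
    return problems


# Constructed sample: the RouteFinder side of this example's "Sentinel" connection.
ROUTEFINDER = {
    "name": "Sentinel", "auth_method": "Secret", "secret": "example-only-secret",
    "encryption": "3DES", "pfs": True, "ike_life": 3600, "key_life": 28800,
    "retries": 0, "remote_ip_dynamic": True, "remote_gateway": "ANY",
    "remote_is_host": True, "remote_lan": "None",
}
# Constructed sample: the client side, with a mistyped Secret.
CLIENT = {"secret": "example-only-secert", "encryption": "3DES"}

if __name__ == "__main__":
    for line in check_endpoint(ROUTEFINDER) + check_pair(ROUTEFINDER, CLIENT):
        print(line)
```

The messages name the mismatched field without printing the Secret itself, so the output can be pasted into a ticket or log.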