Advanced VPN tab
Issue 4 May 2005
149
Rekey site-to-site VPN
Rekey
Used to change the preshared secret key of a site-to-site VPN. This should be done regularly to
ensure maximum security.
Only SKIP and Preshared Secret IKE VPNs can be manually rekeyed. In the case of SKIP,
rekeying generates and distributes a new master key to all security gateways associated with
the VPN. This SKIP master key is used to generate session keys used for cryptographic
functions. In the case of Preshared Secret IKE VPNs, rekeying generates and distributes a new
negotiation key to all security gateways associated with the VPN. This negotiation key is used to
provide authentication during IKE negotiations, in which the actual session key is dynamically
generated. Manual Keyed VPNs can be rekeyed by manually editing the relevant keys.
Advanced VPN tab
The Advanced tab is used to set up advanced VPN options. Generally, the defaults do not need
to be changed.
Figure 50: VPN Advanced tab
Apply VPN to clients only provides VPN access to users and ignores the site-to-site “mesh” or
relationships between security gateways. This is a usability feature that can be used in VPNs
with complex rules to only mesh the users.
In a normal VPN, the IP Groups are meshed together and the users are meshed with the
groups. When the “Apply VPN to clients only” check box is check, only the users are meshed.
Summary of Contents for 3.7
Page 1: ...VPNmanager Configuration Guide Release 3 7 670 100 600 Issue 4 May 2005...
Page 4: ......
Page 20: ...Preface 20 Avaya VPNmanager Configuration Guide Release 3 7...
Page 32: ...Overview of implementation 32 Avaya VPNmanager Configuration Guide Release 3 7...
Page 53: ...Preferences Issue 4 May 2005 53 Figure 16 Tunnel End Point Policy...
Page 54: ...Using VPNmanager 54 Avaya VPNmanager Configuration Guide Release 3 7...
Page 244: ...Using advanced features 244 Avaya VPNmanager Configuration Guide Release 3 7...
Page 292: ...Upgrading firmware and licenses 292 Avaya VPNmanager Configuration Guide Release 3 7...