Chapter 4: Configuring the Gateway
The Security Tab
Wireless-G ADSL Gateway with 2 Phone Ports
Click the Connect button to connect your VPN tunnel. Click View Logs to view system, UPnP, VPN, firewall, access, or all logs. Click the Advanced Settings button and the Advanced IPSec VPN Tunnel Setup screen will appear.
When finished making your changes on this tab, click the Save Settings button to save these changes, or click the Cancel Changes button to undo your changes.
Advanced VPN Tunnel Setup
From the Advanced IPSec VPN Tunnel Setup screen you can adjust the settings for specific VPN tunnels.
Phase 1
Phase 1 is used to create a security association (SA), often called the IKE SA. After Phase 1 is completed, Phase 2
is used to create one or more IPSec SAs, which are then used to key IPSec sessions.
Operation Mode. There are two modes: Main and Aggressive, and they exchange the same IKE payloads in different sequences. Main mode is more common; however, some people prefer Aggressive mode because it is faster. Main mode is for normal usage and includes more authentication requirements than Aggressive mode. Main mode is recommended because it is more secure. No matter which mode is selected, the VPN Gateway will accept both Main and Aggressive requests from the remote VPN device.
Encryption. Select the length of the key used to encrypt/decrypt ESP packets. There are two choices: DES and 3DES. 3DES is recommended because it is more secure.
Authentication. Select the method used to authenticate ESP packets. There are two choices: MD5 and SHA. SHA is recommended because it is more secure.
Group. There are two Diffie-Hellman Groups to choose from: 768-bit and 1024-bit. Diffie-Hellman refers to a cryptographic technique that uses public and private keys for encryption and decryption.
Key Life Time. In the Key Lifetime field, you may optionally select to have the key expire at the end of a time period of your choosing. Enter the number of seconds you’d like the key to be used until a re-key negotiation between each endpoint is completed.
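What the Group setting selects during Phase 1, shown as an added example that is not part of this manual: a Diffie-Hellman exchange in which the two endpoints derive the same secret while only public values cross the link. It assumes the 768-bit choice corresponds to IKE Group 1 as defined in RFC 2409; the function names are illustrative.

```python
import secrets

# 768-bit MODP prime of IKE Group 1 (RFC 2409, section 6.1); generator is 2.
# Assumption: the gateway's "768-bit" option refers to this group.
P768 = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16)
G = 2


def keypair(p=P768, g=G):
    """Return (private exponent x, public value g^x mod p)."""
    x = secrets.randbelow(p - 3) + 2          # 2 <= x <= p - 2
    return x, pow(g, x, p)


def check_public(y, p=P768):
    """Reject degenerate peer values (0, 1, p-1 or out of range).

    Accepting them would force the shared secret to a value an
    eavesdropper can predict.
    """
    if not 1 < y < p - 1:
        raise ValueError("invalid Diffie-Hellman public value")
    return y


def shared_secret(own_private, peer_public, p=P768):
    """Combine our private exponent with the peer's validated public value."""
    return pow(check_public(peer_public, p), own_private, p)


def demo():
    """Run one exchange; return the secret as computed by each endpoint."""
    local_priv, local_pub = keypair()      # this gateway
    remote_priv, remote_pub = keypair()    # remote VPN device
    # Only local_pub and remote_pub are sent to the other side.
    return (shared_secret(local_priv, remote_pub),
            shared_secret(remote_priv, local_pub))


if __name__ == "__main__":
    a, b = demo()
    print("group size:", P768.bit_length(), "bits; secrets match:", a == b)
```

The cost of recovering a private exponent from a public value grows with the size of the prime, which is the difference between the two Group choices.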
Phase 2
Encryption. The encryption method selected in Phase 1 will be displayed.
Authentication. The authentication method selected in Phase 1 will be displayed.
PFS. The status of PFS will be displayed.
Figure 4-28: System Log
Figure 4-29: Advanced VPN Tunnel Setup