![background image](http://html.mh-extra.com/html/siemens/sinaut-md740-1/sinaut-md740-1_user-manual_379447036.webp)
Configuration
36 von 105
SINAUT MD740-1
File 3172AD001_V1_1_060206.doc
File saved
06.02.2006
File printed
06.02.2006
State Freigabe
Autor Pauluhn
4.3 VPN
menu
The general prerequisite for a VPN connection is that the IP addresses of the VPN
partners are known and accessible. See
IP address of
the remote site, page 9.
•
In order for an IPSec connection to be established successfully the VPN remote site
must support IPsec with the following configuration:
- Authentication via Pre-Shared Key (PSK) or X.509 certificates
- ESP
- Diffie-Hellman groups 2 or 5
- DES, 3DES or AES encryption
- MD5 or SHA-1 Hash algorithms
- Tunnel or transport mode
- Quick mode
- Main mode
- SA Lifetime (1 second to 24 hours)
If the remote site is a computer running under Windows 2000, the
Microsoft Windows
2000 High Encryption Pack
or at least
Service Pack 2
must be installed.
•
If the remote site is behind a NAT router it must support NAT-T. Alternatively, the
NAT router must recognise the IPsec protocol (IPsec/VPN Passthrough). In both
cases, only IPsec tunnel connections are possible for technical reasons.