57
Depending on which Tunnel Type you have selected, choose from
the following to edit or add the remaining fields:
■
“IPSec Connections using Remote User Access”
on
page 57
■
“IPSec Connections using Gateway to Gateway”
on
page 57
■
“L2TP over IPSec Connections”
on
page 59
■
“PPTP Connections”
on
page 60
I
PSec Connections using Remote User Access
If you have selected IPSec as a Tunnel Type and Remote User
Access as a Connection Type, enter the following values:
■
Remote User ID
— Enter the Remote User ID. This must be
entered identically on the IPSec software installed on the
client’s machine.
■
Tunnel Shared Key
— this is the password for the connection
and is a combination of letters, numbers and punctuation and
can be up to 64 characters in length.
Figure 53
IPSec Connection - Remote User Access
■
Encryption type
— choose the encryption type from DES or
3DES. 3DES is more secure but may take longer to encrypt
and decrypt.
3DES is not shipped with the Gateway as standard due to
international restrictions on encryption. If your country permits its
use it can be downloaded from the 3Com web site at
http://www.3com.com/
■
Exchange keys using
— choose the encryption method used
to exchange shared keys.
Diffie-Hellman Group 2
is more
secure but less common than
Diffie-Hellman Group 1
.
■
Use Perfect Forward Secrecy
— Choose whether to use
perfect forward secrecy. Using perfect forward secrecy will
change the encryption keys during the course of a connection
making the tunnel more secure but slowing data transfer. To
enable perfect forward secrecy ensure that the
Use Perfect
Forward Secrecy
box is checked. To keep the same key for the
length of a connection leave the box unchecked.
Click
Apply
to save your changes or
Close
to return without
saving.
IPSec Connections using Gateway to Gateway
If you have selected IPSec as a Tunnel Type and Gateway to
Gateway as a Connection Type, enter the following values:
■
R
emote IPSec Server Address
— enter the Internet IP address
or name of the remote gateway. (
Figure 54
).
■
Remote Network address —
enter the LAN IP address of the
remote network. This is the first IP address of a subnet, one
below the first address available for use.
dua08 569-5aaa02.bo o k Pag e 57 Thursday , No vem ber 7 , 2002 3:09 PM
Содержание OFFICE CONNECT CABLE/DSL SECURE GATEWAY...
Страница 1: ...dua08 569 5aaa02 bo o k Pag e 1 T hursday No vem ber7 2002 3 09 PM ...
Страница 6: ...6 dua08 569 5aaa02 bo o k Pag e 6 T hursday No vem ber7 2002 3 09 PM ...
Страница 14: ...14 dua08 569 5aaa02 bo o k Pag e 14 T hursday No vem ber7 2002 3 09 PM ...
Страница 18: ...18 dua08 569 5aaa02 bo o k Pag e 18 T hursday No vem ber7 2002 3 09 PM ...
Страница 22: ...22 dua08 569 5aaa02 bo o k Pag e 22 T hursday No vem ber7 2002 3 09 PM ...
Страница 76: ...76 dua08 569 5aaa02 bo o k Pag e 7 6 T hursday No vem ber7 2002 3 09 PM ...
Страница 82: ...82 dua08 569 5aaa02 bo o k Pag e 8 2 T hursday No vem ber7 2002 3 09 PM ...
Страница 86: ...86 dua08 569 5aaa02 bo o k Pag e 8 6 T hursday No vem ber7 2002 3 09 PM ...
Страница 92: ...92 dua08 569 5aaa02 bo o k Pag e 92 T hursday No vem ber7 2002 3 09 PM ...
Страница 98: ...98 dua08 569 5aaa02 bo o k Pag e 98 T hursday No vem ber7 2002 3 09 PM ...
Страница 100: ...100 dua08 569 5aaa02 bo o k Pag e 100 T hursday No vem ber7 2002 3 09 PM ...
Страница 101: ...dua08 569 5aaa02 bo o k Pag e 101 T hursday No vem ber7 2002 3 09 PM ...
Страница 102: ...DUA08569 5AAA02 Published November 2002 dua08 569 5aaa02 bo o k Pag e 102 T hursday No vem ber7 2002 3 09 PM ...