BaseWall, Tel: +31-74-2491004, Fax: +31-74-2593934
49
IPSec policy options
•
Tunnel Attribute –
The attributes for the tunnel that you just setup
•
Dead Peer Detection -
If you like to utilize one of the wan port as a backup or plan the failover
function,
you can enable Dead Peer Detection function.
•
Check Method –
You can either choose ICMP, Heartbeat or DPD protocol. This will detect if the
remote site VPN tunnel is alive or not.
Options :
•
NetBIOS Broadcast-
This is used to forward NetBIOS broadcast across the Internet.
•
Auto Trigger
–This
is help to keep up the IPSec connection tunnel. It can be re-established
immediately, if a connection is dropped and detected.
•
Anti Replay –
It ensures to keep track of IP packet-level security in order.
•
Passive mode –
This means that your PC establishes the data connection. If you enable passive
mode.
•
Check ESP Pad –
If enable ESP(Encapsulating Security Payload),it will check ESP padding.
•
Allow Full ECN –
Enable will allow full Explicit Congestion Notification (ECN). ECN is a standard
proposed by the IETF that will cut down on network congestion and routers dropping packets.
•
Copy DF Flag –
When an IP packet is encapsulated as payload inside another IP packet, some of the
outer header fields can be newly written, and others are determined by the inner header. Among
these fields is the IP DF (don't fragment) flag. When the inner packet DF flag is clear, the outer packet may
copy it or set it; however, when the inner DF flag is set, the outer header MUST copy it.