D-Link DWC-1000 User Manual
253
Section 7 - VPN Settings
3. Once the tunnel type and endpoints of the tunnel are defined, you can determine the Phase 1/Phase
2 negotiation to use for the tunnel. This is covered in the IPSec mode setting, as the policy can be
Manual or Auto. For Auto policies, the Internet Key Exchange (IKE) protocol dynamically exchanges
keys between two IPSec hosts. The Phase 1 IKE parameters are used to define the tunnel’s security
association details.
The Phase 2 Auto policy parameters cover the security association lifetime and encryption/authentication
details of the phase 2 key negotiation.
The VPN policy is one half of the IKE/VPN policy pair required to establish an Auto IPSec VPN tunnel.
The IP addresses of the machine or machines on the two VPN endpoints are configured here, along
with the policy parameters required to secure the tunnel.