D-Link DWC-1000 User Manual
254
Section 7 - VPN Settings
A Manual policy does not use IKE and instead relies on manual keying to exchange authentication
parameters between the two IPSec hosts. The incoming and outgoing security parameter index (SPI)
values must be mirrored on the remote tunnel endpoint. The encryption and integrity algorithms and
keys must match on the remote IPSec host exactly in order for the tunnel to establish successfully.
Note that using Auto policies with IKE are preferred as in some IPSec implementations the SPI (security
parameter index) values require conversion at each endpoint.
The DWC-1000 supports VPN roll-over feature. This means that policies configured on the primary
Option port will rollover to the secondary port in case of a link failure. This feature can be used only if
your Option is configured in Auto-Rollover mode.
Note:
Once you have created an IPSec policy, you may right-click the policy and select
Export
to save as a
file. You can then upload this to another controller or keep as a backup. To upload a saved policy, refer to