
How To establish an IPSec VPN tunnel with LB-2 VPN 

Property of HotBrick — 2005 


VPN Policy References  

  

 

 

IPSec Global Setting 

 

Enable  

Enabling WAN 1, WAN 2 or Both activates the global settings.
  

ISAKMP Port

ISAKMP is designed to negotiate, establish, modify and delete security associations and their
attributes, and was assigned UDP port 500 by IANA.
  

Phase 1 DH Group  

Use DH Group 1 (768-bit), DH Group 2 (1024-bit) or DH Group 5 (1536-bit) to generate IPSec SA
keys.

  

Phase 1 Encryption Method  

There are 3 data encryption methods available: DES, 3DES, and AES.

  

Phase 1 Authentication Method  

There are 2 authentication methods available: MD5 and SHA1 (Secure Hash Algorithm).
  

Phase 1 SA Life Time   

By default the Security Association lifetime is set at 28800 Sec.  
  

Maxtime to complete phase 1   

The aim of Phase 1 is to authenticate and establish a secure tunnel, which will protect further IKE
negotiation. The default maximum time is 30 Sec.
  

Maxtime to complete phase 2  

Maximum time to establish the IPSec SAs. By default the maximum time is 30 Sec.  

 

Log Levels 

 

Select the VPN log level that you would like displayed in the VPN log.
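An added example, not from the HotBrick guide: a small Python check that compares the Phase 1 values of the two tunnel ends and ranks each against the options listed above. The "Name: value" input format and the sample values are constructed; that both ends must agree on these three values is general IKE behaviour rather than something this page states.

```python
# Added example, not HotBrick code. Field names follow the manual's global
# settings; the "Name: value" export format is an assumption for illustration.
RANKED = {  # options the manual lists for each Phase 1 field, weakest first
    "Phase 1 DH Group": ["1", "2", "5"],  # 768, 1024, 1536 bits
    "Phase 1 Encryption Method": ["DES", "3DES", "AES"],
    "Phase 1 Authentication Method": ["MD5", "SHA1"],
}

def parse(text):
    """Turn 'Name: value' lines into a dict, skipping lines without a colon."""
    settings = {}
    for line in text.splitlines():
        name, sep, value = line.partition(":")
        if sep:
            settings[name.strip()] = value.strip()
    return settings

def audit(site_a, site_b):
    """Return (kind, field, detail) findings for the two ends of a tunnel."""
    findings = []
    for field, ranked in RANKED.items():
        a, b = site_a.get(field), site_b.get(field)
        if a != b:  # peers cannot agree on a Phase 1 proposal
            findings.append(("mismatch", field, f"A={a} B={b}"))
        for site, value in (("A", a), ("B", b)):
            if value not in ranked:  # missing, or a typo such as "2DES"
                findings.append(("unknown", field, f"site {site}: {value}"))
            elif value != ranked[-1]:  # a stronger listed option exists
                findings.append(("weak", field, f"site {site}: {value}, strongest listed is {ranked[-1]}"))
    return findings

# Constructed sample settings for two peers (not taken from a real device).
SITE_A = parse("""ISAKMP Port: 500
Phase 1 DH Group: 2
Phase 1 Encryption Method: 3DES
Phase 1 Authentication Method: MD5
Phase 1 SA Life Time: 28800""")
SITE_B = parse("""ISAKMP Port: 500
Phase 1 DH Group: 2
Phase 1 Encryption Method: DES
Phase 1 Authentication Method: MD5
Phase 1 SA Life Time: 28800""")

if __name__ == "__main__":
    for finding in audit(SITE_A, SITE_B):
        print(*finding, sep=" | ")
```

With the sample above, the check reports the DES/3DES mismatch between the sites and marks every value that is not the strongest option the device offers.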

 

VPN Policy Setup  

 

 

IPSec Traffic Binding 

 

VPN Tunnel List   

Shows the tunnels you have entered. The router can be set up with up to 50 tunnels.

 

 

 

Tunnel Name  

Distinguishes tunnels by name.
  

Tunnel  

The tunnel can only be connected when the ENABLE check box is selected.

  

WAN port  

You can choose WAN 1, WAN 2 or any to make the VPN connection.  
