Cradlepoint Technology mbr1200 User Guide
CRADLEPOINT
MBR1200 | USER MANUAL Firmware ver. 1.6.12
© 2010 CRADLEPOINT, INC. PLEASE VISIT
HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/
FOR MORE HELP AND RESOURCES
PAGE 93
Remote Network. This is the address of the remote LAN. The network IP
addresses of the local and remote network must not be the same. Set, for
example the local IP to 192.168.0.1 (default CradlePoint LAN IP) and the
remote network to 192.168.30.1. In this case the IP specified in your policy
for Remote Network should be 192.168.30.0. For CradlePoint routers, this IP
can be configured in the
addresses of the local and remote network must not be the same. Set, for
example the local IP to 192.168.0.1 (default CradlePoint LAN IP) and the
remote network to 192.168.30.1. In this case the IP specified in your policy
for Remote Network should be 192.168.30.0. For CradlePoint routers, this IP
can be configured in the
Basic → Network page.
Remote Submask. This is the corresponding subnet mask of the remote
network.
network.
Local Network. As with the Remote Network configuration description
above, this is the local network's IP address, which should be different from
the Remote Network's LAN IP address. If your local IP is 192.168.0.1 the
value specified in your policy for Local Network should be 192.168.0.0.
above, this is the local network's IP address, which should be different from
the Remote Network's LAN IP address. If your local IP is 192.168.0.1 the
value specified in your policy for Local Network should be 192.168.0.0.
Local Submask. This is the corresponding subnet mask of the local network.
Hash Algorithm. The hash is used to compare, authenticate, and validate
that data across the VPN arrives in its intended form and to derive keys used
by IPSec. This section is used for both phase 1 and phase 2 of the IKE key
negotiation. While the default configuration is MD5, for increased security SHA algorithms are recommended.
that data across the VPN arrives in its intended form and to derive keys used
by IPSec. This section is used for both phase 1 and phase 2 of the IKE key
negotiation. While the default configuration is MD5, for increased security SHA algorithms are recommended.
Cipher Algorithm. The cipher is used to encrypt messages used by IPsec. This selection is used for both Phase 1 and Phase 2 of the IKE key
negotiation. The default cipher is AES.
negotiation. The default cipher is AES.
DH Group. The DH (Diffie-Hellman) Group is a property of IKE. It is used to determine the length of prime numbers associated with key
generation. The strength of the key generated is partially determined by the strength of the DH Group. Group 5, for instance, has greater strength
than Group 2. Mismatched group settings between policies when creating a VPN will cause your connection to the remote network to fail.
generation. The strength of the key generated is partially determined by the strength of the DH Group. Group 5, for instance, has greater strength
than Group 2. Mismatched group settings between policies when creating a VPN will cause your connection to the remote network to fail.
Phase 1 Key Lifetime. The lifetime of the generated keys of Phase 1 of the IPSec negotiation from IKE.
Phase 2 Key Lifetime. The lifetime of the generated keys of Phase 2 of the IPSec negotiation from IKE.
Pre-Shared Key. A secret password used to derive keys, which both parties will have to know.
Save Policy. Adds a new policy to the IPSec Policy List. After adding the policy to the list you will need to save the settings at the top of this page
before the policy will take effect.
before the policy will take effect.
Clear Form. While adding or updating a policy, the Clear Form button can be selected to reset the values to their default states.
Advanced. Shows you a menu to configure advanced settings.
When you are done editing the settings, you must click the Save Settings button at the top of the page to make the changes effective and
permanent.
permanent.
(continued)