Sony 2140847 User Manual
Configuring AirLink Helix
Rev 3.0D May.10
39
VPN 2
The Helix can act as a Generic Routing Encapsulation (GRE) endpoint, providing
a means to encapsulate a wide variety of network layer packets inside IP
tunneling packets. With this feature you can reconfigure IP architectures without
worrying about connectivity. GRE creates a point-to-point link between routers on
an IP network.
a means to encapsulate a wide variety of network layer packets inside IP
tunneling packets. With this feature you can reconfigure IP architectures without
worrying about connectivity. GRE creates a point-to-point link between routers on
an IP network.
The VPN 2 section allows configuration of the GRE tunnel on the Helix box.
Figure 8-2: ACEmanager: VPN 2 - VPN/IPSec
Figure 8-3: ACEmanager: VPN 2 - VPN/IPSec - GRE Tunnel
Perfect Forward
Secrecy
Yes or No. Provides additional security through a DH shared secret value. When this
feature is enabled, one key cannot be derived from another. This ensures previous and
subsequent encryption keys are secure even if one key is compromised.
feature is enabled, one key cannot be derived from another. This ensures previous and
subsequent encryption keys are secure even if one key is compromised.
IPSec Key Group
DH1, DH2, or DH5. Determines how the Helix VPN creates an SA with the VPN server. The
DH (Diffie-Hellman) key exchange protocol establishes pre-shared keys during the phase 1
authentication. Helix supports three prime key lengths, including Group 1 (768 bits), Group
2 (1,024 bits), and Group 5 (1,536 bits).
DH (Diffie-Hellman) key exchange protocol establishes pre-shared keys during the phase 1
authentication. Helix supports three prime key lengths, including Group 1 (768 bits), Group
2 (1,024 bits), and Group 5 (1,536 bits).
IPSec SA Life Time
180 to 86400. Determines how long the VPN tunnel is active in seconds. The default value
is 28,800 seconds, or 8 hours.
is 28,800 seconds, or 8 hours.
Command
Description
Command
Description
VPN 2 Type
Tunnel Disabled or GRE Tunnel. Enabling the GRE Tunnel will expose other options for
configuring the tunnel.
configuring the tunnel.
VPN Status
Disabled, Connected or Not Connected. Indicates the status of the GRE tunnel on the Helix
box.
box.
VPN Gateway
Address
The IP address of the device that this client connects to. This IP address must be open to
connections from the Helix Box.
connections from the Helix Box.