SMC Networks D3GN301 Manual De Usuario
錯誤! 尚未定義樣式。
158
SMCD3GN2 Wireless Cable Modem Gateway Administrator Manual
9. To delete a tunnel, click the radio button to the left of the tunnel you want to delete and
click the Delete button. No precautionary message appears before you delete a tunnel.
Table 34. VPN – Adding VPN Tunnel Menu Options
Option
Description
Local Host Setting Intranet Configuration
Protect Private Lan button
Click this button to automatically populate the Intranet Address and Intranet Subway Mask fields with
unique private LAN values.
Protect Public Lan button
Click this button to automatically populate the Intranet Address and Intranet Subway Mask fields with
unique public LAN values.
Local ID
ID to identify and authenticate the local host.
Intranet Address
IP address of the local host. You can manually add this information, or use the Protect Private Lan
or Protect Public Lan button to auto-assign a unique IP address for the private or public LAN,
respectively.
Intranet Subnet Mask
Subnet mask of the local host. You can manually add this information, or use the Protect Private
Lan or Protect Public Lan button to auto-assign a unique subnet mask for the private or public LAN,
respectively.
Remote Gateway
Remote Gateway ID
ID to identify and authenticate the remote gateway at the other end of the VPN tunnel.
Remote Gateway Address
IP address of the remote gateway at the other end of the VPN tunnel.
Pre-shared Key
A “pass code” that must be the same at both the local and the remote side. Both ends of the tunnel
must use the same key; otherwise, the VPN tunnel cannot be established.
Key Management / IKE
IKE Life Duration
Length to time or amount of transfer before the Security Association is renegotiated.
Authentication method
Authentication mode used for keying the IPSec connection. Both ends of the tunnel must use the
same setting; otherwise, the VPN tunnel cannot be established.
IKE Hash
Checks that the data has not changed in transmission. Both ends of the tunnel must use the same
setting; otherwise, the VPN tunnel cannot be established. Choices are:
•
MD5 = faster than SHA, but less secure. (default)
•
SHA = a one-way hashing algorithm that produces a 160-bit digest. SHA is more secure than
MD5.
MD5.
IKE Encryption
Encryption algorithm used during the Authentication phase. Choices are
•
BLOWFISH = a symmetric encryption algorithm that uses the same secret key to both encrypt and
decrypt messages. Blowfish is also a block cipher that divides a message into fixed length blocks
during encryption and decryption. Blowfish has a 64-bit block size and a key length of anywhere
from 32 bits to 448 bits, and uses 16 rounds of main algorithm. (default)
decrypt messages. Blowfish is also a block cipher that divides a message into fixed length blocks
during encryption and decryption. Blowfish has a 64-bit block size and a key length of anywhere
from 32 bits to 448 bits, and uses 16 rounds of main algorithm. (default)
•
3DES = triple DES is a symmetric strong encryption algorithm that is compliant with the OpenPGP
standard. It is the application of DES standard, where three keys are used in succession to provide
additional security.
standard. It is the application of DES standard, where three keys are used in succession to provide
additional security.
•
AES = Advanced Encryption Standard offers the highest standard of security. The effective key
lengths that can be used with AES are 128, 192, and 256 bits. The higher the bit rate, the stronger
the encryption but the trade-off is lower throughput. More secure than 3DES.
lengths that can be used with AES are 128, 192, and 256 bits. The higher the bit rate, the stronger
the encryption but the trade-off is lower throughput. More secure than 3DES.
Both ends of the tunnel must use the same setting; otherwise, the VPN tunnel cannot be established.