Netgear FVS318v3 – Cable/DSL ProSafe VPN Firewall with 8-Port Switch 참조 매뉴얼
ProSafe VPN Firewall FVS318v3 Reference Manual
4-4
Basic Virtual Private Networking
v5.0, January 2012
FQDNs supplied by Dynamic DNS providers can allow a VPN endpoint with a dynamic IP
address to initiate or respond to a tunnel request. Otherwise, the side using a dynamic IP
address must always be the initiator.
address to initiate or respond to a tunnel request. Otherwise, the side using a dynamic IP
address must always be the initiator.
•
What method will you use to configure your VPN tunnels?
–
)
–
Advanced methods (see
”)
•
What level of IPSec VPN encryption will you use?
–
DE – The Data Encryption Standard (DES) processes input data that is 64 bits wide,
encrypting these values using a 56 bit key. Faster but less secure than 3DES.
encrypting these values using a 56 bit key. Faster but less secure than 3DES.
–
3DES – (Triple DES) achieves a higher level of security by encrypting the data three times
using DES with three different, unrelated keys.
using DES with three different, unrelated keys.
–
AES
•
What level of authentication will you use?
–
MDS – 128 bits, faster but less secure.
–
SHA-1 – 160 bits, slower but more secure.
Table 4-1. Parameters recommended by the VPNC and used in the VPN Wizard
Parameter
Factory Default
Secure Association
Main Mode
Authentication Method
Pre-shared Key
Encryption Method
3DES
Authentication Protocol
SHA-1
Diffie-Hellman (DH) Group
Group 2 (1024 bit)
Key Life
8 hours
IKE Life Time
24 hours
NETBIOS
Enabled
Note: NETGEAR publishes additional interoperability scenarios with various gateway
and client software products.