Netgear 05200007 사용자 설명서

Troubleshooting

9-9

1.

In the Connection Monitor, click the specific connection entry.

2.

Click Details. The Security Association Details dialog box opens with a Phase 1 tab, Phase 
2 tab, or both, based on whether the entry represents a Phase 1 SA, Phase 2 SA, or both. 

3.

If both tabs appear, click the one with the details to view:

•

To view Authentication (Phase 1) SAs negotiated by IKE, click the Phase 1 tab. 

Note: Private Addr is the internal IP address. 

•

To view Key Exchange (Phase 2) SAs negotiated by IPSec, click the Phase 2 tab.

4.

To exit the dialog box, click Close.

Manual keys are IPSec encryption and authentication keys that you type in instead of having the 
client generate them automatically. They eliminate the need for a certificate or preshared keys and 
all IKE negotiations during Authentication (Phase 1) and Key Exchange (Phase 2). They are 
designed to help you determine if secure communications are possible.

Warning! Manual keys are intended for troubleshooting problem connections only. Because the 
process of distributing these keys is not secure, do not include them in an ongoing security policy.

After you Enable manual keys in the Security Policy Editor, the client makes two buttons available 
on the right pane when you Configure the Key Exchange (Phase 2) proposal: Inbound Keys and 
Outbound Keys. Why two buttons? Because the secure connection between the two parties 
transmits communications in two directions: incoming and outgoing.

You and the remote party must enter the same keys, but in the reverse order. The key that you enter 
as an inbound key is entered by the remote party as an outbound key, and vice versa, as this 
illustration shows: