Arris 3387W Manual Do Utilizador
118
Parameter Description and Setup.
The following table describes SafeHar-
bour’s parameters that are used for an IPSec VPN tunnel configuration:
Auth Protocol
Authentication Protocol for IP packet header. The three parameter
values are None, Encapsulating Security Payload (ESP) and Authen-
tication Header (AH)
values are None, Encapsulating Security Payload (ESP) and Authen-
tication Header (AH)
DH Group
Diffie-Hellman is a public key algorithm used between two systems to
determine and deliver secret keys used for encryption. Groups 1, 2
and 5 are supported.
determine and deliver secret keys used for encryption. Groups 1, 2
and 5 are supported.
Enable
This toggle button is used to enable/disable the configured tunnel.
Encrypt Protocol Encryption protocol for the tunnel session.
Parameter values supported include NONE or ESP.
Hard MBytes
Setting the Hard MBytes parameter forces the renegotiation of the
IPSec Security Associations (SAs) at the configured Hard MByte
value.
IPSec Security Associations (SAs) at the configured Hard MByte
value.
The value can be configured between 1 and 1,000,000 MB and refers
to data traffic passed.
to data traffic passed.
Hard Seconds
Setting the Hard Seconds parameter forces the renegotiation of the
IPSec Security Associations (SAs) at the configured Hard Seconds
value. The value can be configured between 60 and 1,000,000 sec-
onds
IPSec Security Associations (SAs) at the configured Hard Seconds
value. The value can be configured between 60 and 1,000,000 sec-
onds
Key Management The Key Management algorithm manages the exchange of security
keys in the IPSec protocol architecture. SafeHarbour supports the
standard Internet Key Exchange (IKE)
standard Internet Key Exchange (IKE)
Peer External IP
Address
Address
The Peer External IP Address is the public, or routable IP address of
the remote gateway or VPN server you are establishing the tunnel
with.
the remote gateway or VPN server you are establishing the tunnel
with.
Peer Internal IP
Network
Network
The Peer Internal IP Network is the private, or Local Area Network
(LAN) address of the remote gateway or VPN Server you are commu-
nicating with.
(LAN) address of the remote gateway or VPN Server you are commu-
nicating with.
Peer Internal IP
Netmask
Netmask
The Peer Internal IP Netmask is the subnet mask of the Peer Internal
IP Network.
IP Network.
PFS Enable
Perfect Forward Secrecy (PFS) is used during SA renegotiation.
When PFS is selected, a Diffie-Hellman key exchange is required. If
enabled, the PFS DH group follows the IKE phase 1 DH group.
When PFS is selected, a Diffie-Hellman key exchange is required. If
enabled, the PFS DH group follows the IKE phase 1 DH group.
Pre-Shared Key
The Pre-Shared Key is a parameter used for authenticating each
side. The value can be an ASCII or Hex and a maximum of 64 charac-
ters. ASCII is case-sensitive.
side. The value can be an ASCII or Hex and a maximum of 64 charac-
ters. ASCII is case-sensitive.
Pre-Shared Key
Type
Type
The Pre-Shared Key Type classifies the Pre-Shared Key. SafeHarbour
supports ASCII or HEX types
supports ASCII or HEX types