Multitech RF760 Uživatelský manuál stáhnout pdf (Strana 11)

Example 1 – LAN-to-LAN Fixed IP Addresses Using RF760/660/600VPN

Multi-Tech Systems, Inc. RF760VPN/RF660VPN/RF600VPN Setup Examples Reference Guide (S000283D) 11

The IKE protocol does automatic negotiation of protocols, encryption algorithms; it keys automatic

exchange of keys. The following parameters must be set.

a) Connection name

Enter a text name that will identify the connection for you. For this example, enter SiteA.

b) Compression

Do not check for this example.

c) Perfect Forward Secrecy (PFS)

Check the PFS checkbox to enable PFS, a concept in which the newly generated keys are unrelated

to the older keys). This is enabled by default.

d) Authentication Method

Check the Secret authentication method for this example.

e) Secret

Since the authentication method is Secret, this field must be configured. Enter the key that matches

the secret key at Site B.

f) Select Encryption

Select the encryption method. Select 3DES.

g) IKE Life Time

The duration for which the ISAKMP SA should last is from successful negotiation to expiration. The

default value is 3600 seconds and the maximum is 28800 seconds.

h) Key Life

The duration for which the IPSec SA should last is from successful negotiation to expiration. The

default value is 28800 seconds and the maximum is 86400 seconds.

i) Number of Retries (Zero for Unlimited)

Enter of the number of retries you want the device to make in order to establish the connection. Use

zero for unlimited retries.

j) Local WAN IP

This is the interface initiating the IPSec tunnel. For this example, set to WAN.

k) Local LAN

This is the local security gateway for which the security services should be provided. For this example,

set to LAN.

l) Remote Gateway IP or FQDN

This is the interface where the IPSec tunnel ends. For this example with a static IP address, set to

RemoteWAN_IP.

Note: In the case of a Road Warrior with a Dynamic IP address, this should be configured to ANY.

m) Remote LAN

Remote security gateway for which the security services should be provided. For this example, set to

RemoteLAN.

n) UID (Unique Identifier String)

For this example, it is recommended that you accept the default to disable UID.

Note: When enabled, UID is used for compatibility purposes (other IPSec VPN gateways might require

you to input a Local and Remote IPSec Identifier).

o) Local ID

Do not set for this example.

p) Remote ID

Do not set for this example.

q) NetBIOS Broadcast

Do not set for this example.

Note: Check this option only to enable broadcasts over the connection. It will allow computers on the

network to share Microsoft file and printer sharing information.

This completes the configuration of the RouteFinder at Site A – Example 1.

Now move to the RouteFinder for Site B and access the LAN port from a workstation as

done for Site A.

1 2 ... 6 7 8 9 10 11 12 13 14 15 16 ... 38 39

Komentáře k této Příručce

Žádné komentáře

Multitech RF760 Uživatelský manuál Strana 11

Komentáře k této Příručce

Související produkty a manuály pro Sítě Multitech RF760