Edimax ER-1088 Available from Edimax USA Manual - Page 59
Settings - IKE Global Setup
View all Edimax ER-1088 Available from Edimax USA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 59 highlights
Settings - IKE Global Setup Global List (Phase 1) The list will only show the approximate information of all Global Settings on each WAN port. You can modify it by clicking on a selected row. Global Parameters • Enable Setting - If set to Enable, it enables the VPN function to work. • ISAkmp Port - Internet Security Association and Key Protocol Management (ISAkmp) is designed to negotiate, establish, modify and delete security associations and their attributes. By default, it is assigned UDP port 500 by the IANA. You can set it to use a port other than port 500. The remote IPsec site will attempt to connect on it. • Phase 1 DH Group - There are three levels of cryptography from the Diffie-Hellman group. The DH method illustrates key generation using public key cryptography. It uses the public and secret key information held by both users to generate a key. • Phase 1 Encryption Method - There are three data encryption methods available: DES, 3DES and AES. • Phase 1 Authentication Method - There are two authentication methods available: MD5 and SHA1 (Secure Hash Algorithm) • Phase 1 SA Life Time - By default the Security Association lifetime is 28800 seconds. When it is expired, a new key is re-negotiated. During the negotiation period, the VPN tunnel isn't available. • Retry Counter - This indicates how many times the process of Phase 1 will be restarted if it's unsuccessful. There will be an error message in the VPN log once it is expired. • Retry Interval - This indicates the time period between two consecutive retries. • Maxtime to complete Phase 1 - This indicates the maximum time allowed for negotiation in Phase 1. If it expires, it is recommended to increase the Maxtime period or reduce the DH group level. Default value is 30 sec. • Maxtime to complete Phase 2 - It indicates the maximum time allowed for negotiation in Phase 2. If it expires, it is recommended to increase the Maxtime period or reduce the DH group level. Default value is 30 sec. • Count Per Send - This indicates the maximum amount of duplicate packets to be resent if the remote side does not respond to the first packet. • Force Deletion after Expiry - When set to Enable, once SA has expired, the tunnel session will be removed and all related resources will be cleared. Log Level This function allows you to select which information you want to see on the VPN log. It has six different message levels: None, Critical, Error, Warning, Information and Debug. Page 55