Netgear FWG114P FWG114P Reference Manual - Page 112
Authenticating Header AH, Configuration, Encapsulated Security, Payload ESP Configuration, Field
UPC - 606449029819
View all Netgear FWG114P manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 112 highlights
Reference Manual for the ProSafe Wireless 802.11g Firewall/Print Server Model FWG114P Table 8-1. VPN Manual Policy Configuration Fields Field Description Authenticating Header (AH) Configuration AH specifies the authentication protocol for the VPN header. These settings must match the remote VPN endpoint. Note: The "Incoming" settings here must match the "Outgoing" settings on the remote VPN endpoint, and the "Outgoing" settings here must match the "Incoming" settings on the remote VPN endpoint. SPI - Incoming Enter a Hex value (3 - 8 chars). Any value is acceptable, provided the remote VPN endpoint has the same value in its "Outgoing SPI" field. SPI - Outgoing Enter a Hex value (3 - 8 chars). Any value is acceptable, provided the remote VPN endpoint has the same value in its "Incoming SPI" field. Enable Authentication Use this checkbox to enable or disable AH. Authentication is often not used. In this case, leave the checkbox unchecked. Authentication Algorithm If you enable AH, then select the authentication algorithm: • MD5 is the default. • SHA1 is more secure. Enter the keys in the fields provided. For MD5, the keys should be 16 characters. For SHA-1, the keys should be 20 characters. Key - In Enter the keys. • For MD5, the keys should be 16 characters. • For SHA-1, the keys should be 20 characters. Any value is acceptable, provided the remote VPN endpoint has the same value in its Authentication Algorithm "Key - Out" field. Key - Out Enter the keys in the fields provided. • For MD5, the keys should be 16 characters. • For SHA-1, the keys should be 20 characters. Any value is acceptable, provided the remote VPN endpoint has the same value in its Authentication Algorithm "Key - In" field. Encapsulated Security ESP provides security for the payload (data) sent through the VPN tunnel. Payload (ESP) Configuration Generally, you will want to enable both encryption and authentication when you use ESP. Two ESP modes are available: • Plain ESP encryption • ESP encryption with authentication These settings must match the remote VPN endpoint. SPI - Incoming Enter a Hex value (3 - 8 chars). Any value is acceptable, provided the remote VPN endpoint has the same value in its "Outgoing SPI" field. 8-12 March 2004, 202-10027-01 Virtual Private Networking