D-Link DSR-250v2 Product Manual 1 - Page 91

IPsec Site to Site, SA Lifetime sec.

Get D-Link DSR-250v2 PDF manuals and user guides View all D-Link DSR-250v2 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 91 highlights

VPN tunnel backup Backup tunnel Failure time to primary (seconds) Extended authentication Extended authentication type Authentication server Username Password Local authentication Protocol selection Encryption algorithm Authentication algorithm SA Lifetime (sec.) Perfect forward secrecy DH group Apply Cancel This is the failure count, after which it is considered the other peer as down. Enter the failure count. You can enable or disable the VPN tunnel backup feature. If VPN tunnel backup is enabled, you can use the VPN backup of the selected profile if the primary tunnel is down. When the primary tunnel is up, the backup tunnel will be turned down. Specify the time after which the backup tunnel will be down. Enable or disable the extended authentication feature. Select the authentication type that you want to use. The options are Local authentication, Authentication server, and IPSec host (Initiator). Select any one of the external authentication servers from the drop-down, and select the respective server. Enter the user name. This field is available when you select the IPSec host (Initiator) as the Extended authentication type. The length of the user name may vary from 1 to 64 characters. Enter the password. This field is available when you select the IPSec host (Initiator) as the Extended authentication type. The length of the password may vary from 8 to 63 characters. You may select one of the saved authentications on the local server. This field is available when you select Local authentication as the Extended authentication type. IKE phase-2 settings Select the protocol for IKE phase-2. Select the encryption algorithm to be used. You may select multiple algorithms. Select the authentication algorithm from the drop-down list. You may select multiple algorithms. It refers to the security association lifetime, and the range varies from 300 to 604800 seconds. If enabled, it does not allow the same key to be generated, forcing the user to use a new DH key exchange. Select the DH group. Click Apply to save your settings. Click Cancel to revert to previous settings. IPsec Site to Site The user can manually configure it in the Ipsec site to site and build IPSec VPN tunnels. This mode is useful when you try to establish a tunnel between two DSR-250v2 devices or when you try to establish a tunnel between DSR-250v2 and/or with any third-party gateway.

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
This is the failure count, after which it is considered the other peer as down. Enter the
failure count.
VPN tunnel backup
You can enable or disable the
feature.
VPN tunnel backup
Backup tunnel
If
is enabled, you can use the VPN backup of the selected profile if the
VPN tunnel backup
primary tunnel is down. When the primary tunnel is up, the backup tunnel will be turned
down.
Failure time to primary (seconds)
Specify the time after which the backup tunnel will be down.
Extended authentication
Enable or disable the extended authentication feature.
Extended authentication type
Select the authentication type that you want to use. The options are Local authentication,
Authentication server, and IPSec host (Initiator).
Authentication server
Select any one of the external authentication servers from the drop-down, and select the
respective server.
Username
Enter the user name. This field is available when you select the
as
IPSec host (Initiator)
the
. The length of the user name may vary from 1 to 64
Extended authentication type
characters.
Password
Enter the password. This field is available when you select the
as the
IPSec host (Initiator)
. The length of the password may vary from 8 to 63 characters.
Extended authentication type
Local authentication
You may select one of the saved authentications on the local server. This field is available
when you select
as the
.
Local authentication
Extended authentication type
IKE phase-2 settings
Protocol selection
Select the protocol for IKE phase-2.
Encryption algorithm
Select the encryption algorithm to be used. You may select multiple algorithms.
Authentication algorithm
Select the authentication algorithm from the drop-down list. You may select multiple
algorithms.
SA Lifetime (sec.)
It refers to the security association lifetime, and the range varies from 300 to 604800
seconds.
Perfect forward secrecy
If enabled, it does not allow the same key to be generated, forcing the user to use a new
DH key exchange.
DH group
Select the DH group.
Apply
Click
to save your settings.
Apply
Cancel
Click
to revert to previous settings.
Cancel
IPsec Site to Site
The user can manually configure it in the
and build IPSec VPN tunnels. This mode is useful when you try to establish a tunnel
Ipsec site to site
between two DSR-250v2 devices or when you try to establish a tunnel between DSR-250v2 and/or with any third-party gateway.