D-Link DSR-250v2 Product Manual 2 - Page 91
IPsec Site to Site, SA Lifetime sec.
View all D-Link DSR-250v2 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 91 highlights
VPN tunnel backup Backup tunnel Failure time to primary (seconds) Extended authentication Extended authentication type Authentication server Username Password Local authentication Protocol selection Encryption algorithm Authentication algorithm SA Lifetime (sec.) Perfect forward secrecy DH group Apply Cancel This is the failure count, after which it is considered the other peer as down. Enter the failure count. You can enable or disable the VPN tunnel backup feature. If VPN tunnel backup is enabled, you can use the VPN backup of the selected profile if the primary tunnel is down. When the primary tunnel is up, the backup tunnel will be turned down. Specify the time after which the backup tunnel will be down. Enable or disable the extended authentication feature. Select the authentication type that you want to use. The options are Local authentication, Authentication server, and IPSec host (Initiator). Select any one of the external authentication servers from the drop-down, and select the respective server. Enter the user name. This field is available when you select the IPSec host (Initiator) as the Extended authentication type. The length of the user name may vary from 1 to 64 characters. Enter the password. This field is available when you select the IPSec host (Initiator) as the Extended authentication type. The length of the password may vary from 8 to 63 characters. You may select one of the saved authentications on the local server. This field is available when you select Local authentication as the Extended authentication type. IKE phase-2 settings Select the protocol for IKE phase-2. Select the encryption algorithm to be used. You may select multiple algorithms. Select the authentication algorithm from the drop-down list. You may select multiple algorithms. It refers to the security association lifetime, and the range varies from 300 to 604800 seconds. If enabled, it does not allow the same key to be generated, forcing the user to use a new DH key exchange. Select the DH group. Click Apply to save your settings. Click Cancel to revert to previous settings. IPsec Site to Site The user can manually configure it in the Ipsec site to site and build IPSec VPN tunnels. This mode is useful when you try to establish a tunnel between two DSR-250v2 devices or when you try to establish a tunnel between DSR-250v2 and/or with any third-party gateway.