D-Link DWC-1000 DWC-1000 User's Guide - Page 99
DWC-1000 Wireless Controller User's Guide, NAT Keep Alive Frequency
View all D-Link DWC-1000 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 99 highlights
Field NAT Keep Alive Frequency Local Identifier Type Local Identifier Remote Identifier Type Remote Identifier Encryption Algorithm Authentication Algorithm VPN Settings Description If NAT Traversal = On, use this option to control the keep-alive-frequency value. Keep-alive packets are sent at the specified time interval and are used to keep the NAT mappings alive on the NAT device. Setting this value to 0 disables this feature. Select the ISAKMP identifier for this router. Choices are: • Local WAN IP • FQDN • User-FQDN • DER ASN1 DN Enter the appropriate value for the local identifier. If the Local or Remote Identifier is not an IP address, negotiation is only possible in aggressive mode. If FQDN, User FQDN or DER ASN1 DN is selected, the wireless controller disables main mode and sets the default setting to aggressive mode. Select the ISAKMP identifier for this router. Choices are: • Remote WAN IP • FQDN • User-FQDN • DER ASN1 DN Enter the appropriate value for the remote identifier. If the Local or Remote Identifier is not an IP address, negotiation is only possible in aggressive mode. If FQDN, User FQDN or DER ASN1 DN is selected, the wireless controller disables main mode and sets the default setting to aggressive mode. Check the algorithm used to negotiate the SA. Choices are: • DES = faster than 3DES, but less secure. • 3DES = triple DES. More secure method than DES, but with lower throughput. • Advanced Encryption Standard is a block cipher that can be used at 128, 192, or 256 bits. The higher the bit rate, the stronger the encryption but the trade-off is lower throughput. It is more secure than DES or 3DES. The following AES choices are supported: − AES-128 − AES-192 − AES-256 • BLOWFISH = a symmetric encryption algorithm that uses the same secret key to both encrypt and decrypt messages. Blowfish is also a block cipher that divides a message into fixed length blocks during encryption and decryption. Blowfish has a 64-bit block size and a key length of anywhere from 32 bits to 448 bits, and uses 16 rounds of main algorithm. • CAST128 = a 128-bit block cipher. CAST is a strong, military-grade encryption algorithm that has a solid reputation for its ability to withstand unauthorized access. Specify the authentication algorithm for the VPN header. Ensure that the same authentication algorithm is configured on both sides of the tunnel. Choices are: • MD5 = Message-Digest algorithm 5 (MD5). MD5 is less secure than SHA, but faster. • SHA-1 = Secure Hash Algorithm (SHA-1) hash function. SHA-1 uses a 160-bit encryption key and is stronger than MD5. • SHA2-256 = SHA-256 hash function that uses 32-bit words. • SHA2-384 = SHA-384 hash function. • SHA2-512 = SHA-512 hash function that uses 64-bit words. 99 DWC-1000 Wireless Controller User's Guide