Dell PowerConnect W-Airwave W-Airwave 7.2 Configuration Guide - Page 153

IKE is a part of the IPSEC protocol suite, supporting security for VPNs with a shared session secret that produces security keys. NOTE: The IKE profile requires the controller to have a Remote Access Points license or a VPN Server license. Select Add to create a new IKE profile, or click the pencil icon next to an existing profile to edit. Table 78 describes the fields on the Advanced Services > VPN Services > IKE Add/Edit Detail page. Table 78 Advanced Services > VPN Services > IKE Add/Edit Detail Field Descriptions Field Default Description General Settings Folder Name Other Settings IKE Aggressive Group Name Top Blank Enable IKE RAP PSKL No Refresh/Caching IKE Shared Secrets Add IKE Policies Add Set the folder with which the IKE profile is associated. The drop-down menu displays all folders available for association with the IKE services profile. Enter the name of the IKE profile. Enter the authentication group name for aggressive mode. Make sure that the group name matches the group name configured in the VPN client software. Aggressive Mode condenses the IKE SA negotiations into three packets (versus six packets for Main Mode). A group associates the same set of attributes to multiple clients. Use this setting to enable refresh and caching for IKE on remote APs. Select this button to add an IKE shared secret. The following settings appear. Complete these settings and click Add in this section.  Subnet-Enter the subnet for the shared secret.  Subnet Mask-Enter the subnet mask for the shared secret.  IKE Shared Secret-Type the shared secret, and confirm. Select this button to add a new IKE policy. The following settings appear. Complete these settings and click Add in this section.  Priority-Type the priority number of this IKE policy.  Encryption-From the drop-down menu, select the encryption type to be supported in the IKE policy.  Hash Algorithm-Select the hash algorithm for this IKE policy.  Authentication-Select the authentication type to be supported in this IKE policy.  Diffie-Hellman Group-Select the bit-level to be supported.  Lifetime (300-86400 sec)-Define the lifetime, in seconds, for the IKE policy. Once one or more policies are added, select the policy to apply to the VPN Services > IKE profile being configured. Select Add to create the VPN Services > IKE profile, or click Save to retain the changes to an existing IKE profile. The profile appears on the Advanced Services > VPN Services > IKE page. Advanced Services > VPN Services > L2TP The combination of Layer-2 Tunneling Protocol and Internet Protocol Security (L2TP/IPSec) is a highly secure technology that enables VPN connections across public networks such as the Internet. L2TP/IPSec provides both a logical transport mechanism on which to transmit PPP frames as well as tunneling or encapsulation so that the Dell PowerConnect W AirWave 7.2 | Configuration Guide Dell PowerConnect W Configuration Reference | 153