Lantronix G520 G520 User Guide - Page 83

9: VPN Parameters CA Cert. Single hop IP for watchdog Monitor interface ping failure Description This field is available if X.509 Certificate is selected in the Key Mode field. The CA certificate file must be uploaded to the /etc/ipsec.d/cacerts directory. Click Select file... to browse the local drive and select the file. Click Upload file... to upload the file. After the file is uploaded, the CA Cert. field displays the file name and time stamp of the upload. To delete a file, click Delete. Enter the IP address to be used for monitoring purposes. The application will ping the IP defined here. If the ping fails, it will restart the device. This could be the LAN IP address of the IPsec router server. Select Yes to ping the IP address defined in Single hop IP for watchdog. Select No if you don't want the monitor interface to ping the single hop IP address. The default is No. Parameters IKE Mode Key Exchange IKE Encryption Table 9-2 IPsec Advanced Settings Description Select the mode that Internet Key Exchange (IKE) protocol uses to authenticate and/or encrypt the peers.  Main  Aggressive Select the mode of encryption key exchange between two communicating peers:  IKEV1  IKEV2  The default mode is IKEV1. Select the cipher type to use for the Internet Key Exchange (IKE):  Any  AES  AES-128  AES-192  AES-256  3DES  DES The default cipher type is "Any". G520 Series IoT Cellular Gateway User Guide 83