Lantronix SGX 5150 User Guide - Page 60
Remote Network, Local Network, Key Management, ISAKMP Phase 1 IKE, Unreachable Host Detection
View all Lantronix SGX 5150 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 60 highlights
6: Network Settings VPN Setting Description Remote Network Endpoint Enter the remote VPN Gateway's IP Address. Subnet Enter the subnet behind the VPN Gateway. ID Enter the identifier expected to receive from the remote host during Phase 1 negotiation. Router/Next Hop Enter the next-hop gateway IP address for the VPN Gateway. Local Network Subnet Enter the subnet the local devices have access to or can be accessed from the VPN connection. ID Enter the identifier sent to the remote host during Phase 1 negotiation. Router/Next Hop Enter the next-hop gateway IP address for this connection to the public network. Key Management Perfect Forward Secrecy (PFS) Select to enable or disable the Perfect Forward Secrecy. Enabling this feature will require IKE to generate a new set of keys in Phase 2 rather than using the same key generated in Phase 1. Pre-shared Key (PSK) Enter the Pre-Shared Key used in the IPSec setting between the Local and VPN Gateway. ISAKMP Phase 1 (IKE) Aggressive Mode Select to enable or disable Aggressive Mode. In Aggressive mode, IKE tries to combine as much information into fewer packets while maintaining security. Aggressive mode is slightly faster but less secure. NAT Traversal Select to enable or disable NAT Traversal. If there is an external NAT device between VPN tunnels, the user must enable NAT Traversal. Encryption Select the encryption algorithm in key exchange from the drop-down menu. Authentication Select the hash algorithm in key exchange from the drop-down menu. DH Group Select the Diffie-Hellman (DH) groups (the Key Exchange group between the Remote and VPN Gateways) from the drop-down menu. IKE Lifetime Enter the number of hours for the IKE SA lifetime. ISAKMP Phase 2 (ESP) Encryption Select the encryption algorithm in data exchange from the drop-down menu. Authentication Select the hash algorithm in data exchange from the drop-down menu. DH Group Select the Diffie-Hellman (DH) groups (the Key Exchange group between the Remote and VPN Gateways) for Phase 2 from the drop-down menu. SA Lifetime Enter the number of hours for the SA lifetime in Phase 2. Unreachable Host Detection Host Enter the unreachable detection host monitoring the connectivity with the host on the remote network. Ping Interval Enter the Ping Interval to monitor connectivity with a host on the remote network. Max Tries Enter the number of Max Tries for pinging the host before the VPN tunnel is restarted. SGX 5150 IoT Device Gateway User Guide 60