Netgear DGND3300v2 User Manual - Page 104
Table 5., VPN - Auto Policy Screen Settings, Continued, Fully Qualified Domain Name
View all Netgear DGND3300v2 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 104 highlights
N300 Wireless Dual Band ADSL2+ Modem Router DGND3300v2 User Manual Table 5. VPN - Auto Policy Screen Settings (Continued) Fields and Settings Description IKE Direction This setting is used when the router determines if the IKE policy matches the current traffic. Select an option. • Responder only. Incoming connections are allowed, but outgoing connections are blocked. • Initiator and Responder. Both incoming and outgoing connections are allowed. Exchange Mode Ensure that the remote VPN endpoint is set to use Main Mode. Diffie-Hellman (DH) Group The Diffie-Hellman algorithm is used when keys are exchanged. The DH Group setting determines the bit size used in the exchange. This value must match the value used on the remote VPN gateway. Local Identity Type Select an option to match the Remote Identity Type setting on the remote VPN endpoint. • WAN IP Address. Your Internet IP address. • Fully Qualified Domain Name. Your domain name. • Fully Qualified User Name. Your name, email address, or other ID. Local Identity Data Enter the data for the local identity type that you selected. (If WAN IP Address is selected, no input is required.) Remote Identity Type Select the option that matches the Local Identity Type setting on the remote VPN endpoint. • IP Address. The Internet IP address of the remote VPN endpoint. • Fully Qualified Domain Name. The domain name of the remote VPN endpoint. • Fully Qualified User Name. The name, email address, or other ID of the remote VPN endpoint. Remote Identity Data Enter the data for the remote identity type that you selected. If IP Address is selected, no input is required. Parameters Encryption Algorithm The encryption algorithm used for both IKE and IPSec. This setting must match the setting used on the remote VPN gateway. DES and 3DES are supported. • DES. The Data Encryption Standard (DES) processes input data that is 64 bits wide, encrypting these values using a 56-bit key. Faster but less secure than 3DES. • 3DES. (Triple DES) achieves a higher level of security by encrypting the data three times using DES with three different, unrelated keys. Authentication Algorithm The authentication algorithm used for both IKE and IPSec. This setting must match the setting used on the remote VPN gateway. Auto, MD5, and SHA-1 are supported. Auto negotiates with the remote VPN endpoint and is not available in responder-only mode. • MD5. 128 bits, faster but less secure. • SHA-1. 160 bits, slower but more secure. This is the default. Pre-shared Key The key must be entered both here and on the remote VPN gateway. 104 | Chapter 6. Virtual Private Networking