Siemens SIMATIC NET SCALANCE S615 Configuration Manual page 168

Configuring with Web Based Management
4.8 "Security" menu
● Key Derivation
Select the required Diffie-Hellmann group (DH) from which a key will be generated. If
"Auto" is set, there is no restriction. It is compared to the capabilities of the remote station
and selected accordingly.
● Lifetime [min]
Enter a period in minutes to specify the lifetime of the agreed keys. When the time
expires, the key is renegotiated.
● Lifebytes
Enter the data limit in bytes that specifies the lifetime of the agreed key. When the data
limit is reached, the key is renegotiated.
● Protocol
Specify the protocol for which the VPN connection is valid e.g. UDP, TCP, ICMP. If the
setting is intended to apply to all protocols, enter "*".
● Port (Range)
Specify the port via which the VPN tunnel can communicate. The setting applies
specifically to the specified port
– If the setting is intended to apply to a port range, enter the range with start port "-" end
– If the setting is intended to apply to all ports, enter "*".
The setting is only effective for port-based protocols.
● Auto Firewall Rules
– enabled
– disabled
168
port, for example 30 - 40.
The firewall rules are created automatically for the VPN connection.
You will need to create the firewall rules yourself.
SCALANCE S615 Web Based Management
Configuration Manual, 05/2015, C79000-G8976-C388-02