NETGEAR N300 User Manual page 128

N300 wireless adsl2+ modem router

Hide thumbs Also See for N300:

User manual (142 pages)

Easy manual (12 pages)

Configuration manual (3 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

Table of Contents

N300 Wireless ADSL2+ Modem Router DGN2200v3

•

Remote Identity Type. Select the option that matches the Local Identity Type setting on

the remote VPN endpoint.

IP Address. The Internet IP address of the remote VPN endpoint.

Fully Qualified Domain Name. The domain name of the remote VPN endpoint.

Fully Qualified User Name. The name, email address, or other ID of the remote VPN

endpoint.

Remote Identity Data. Enter the data for the remote identity type that you selected. If

IP Address is selected, no input is required.

VPN Auto Policy Parameters

•

Encryption Algorithm. The encryption algorithm used for both IKE and IPSec. This

setting has to match the setting used on the remote VPN gateway. DES and 3DES are

supported.

DES. The Data Encryption Standard (DES) processes input data that is 64 bits wide,

encrypting these values using a 56-bit key. Faster but less secure than 3DES.

3DES. (Triple DES) achieves a higher level of security by encrypting the data three

times using DES with three different, unrelated keys.

•

Authentication Algorithm. The authentication algorithm used for both IKE and IPSec.

This setting has to match the setting used on the remote VPN gateway. Auto, MD5, and

SHA-1 are supported. Auto negotiates with the remote VPN endpoint and is not available

in responder-only mode.

MD5. 128 bits, faster but less secure.

SHA-1. 160 bits, slower but more secure. This is the default.

•

Pre-shared Key. The key has to be entered both here and on the remote VPN gateway.

•

SA Life Time. The time interval before the SA (security association) expires. (It is

automatically reestablished as required.) While using a short time period (or data amount)

increases security, it also degrades performance. It is common to use periods over an

hour (3600 seconds) for the SA life time. This setting applies to both IKE and IPSec SAs.

•

Enable IPSec PFS (Perfect Forward Secrecy). If this check box is selected, security is

enhanced by ensuring that the key is changed at regular intervals. Also, even if one key is

broken, subsequent keys are no easier to break. (Each key has no relationship to the

previous key.)

This setting applies to both IKE and IPSec SAs. When configuring the remote endpoint to

match this setting, you might have to specify the key group used. For this device, the key

group is the same as the DH Group setting in the IKE section.

Virtual Private Networking

128

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

Troubleshooting

This manual is also suitable for:

Dgn2200v3

NETGEAR N300 User Manual page 128

Hide quick links:

Troubleshooting

Related Manuals for NETGEAR N300

Related Products for NETGEAR N300

This manual is also suitable for:

Table of Contents