beautypg.com

Backup server ip address or fqdn, Ike security descriptor, Ipsec security descriptor – RCA 608WL User Manual

Page 197: Exchange mode, Server vendor, Primary untrusted physical interface, Virtual ip mapping, Optional remote network, Ike authentication with preshared key, Chapter 5

background image

Chapter 5

Expert Configuration

E-DOC-CTC-20041126-0013 v1.0

195

Backup Server IP

Address or FQDN

Optionally specify a backup VPN server. If no backup VPN server is available, you
leave this field open.

IKE Security Descriptor

See

“ IKE Security Descriptors” on page 191

.

IPSec Security

Descriptor

See

“ IPSec Security Descriptors” on page 192

.

Exchange Mode

See

“ IKE Exchange Mode” on page 191

.

Server Vendor

The SpeedTouch™ can interact with VPN servers of various vendors. Some vendors
implement proprietary features. The vendor specific features are reflected in the
parameters required to dial in to the VPN server. For more information, see

“ Set of

Server Vendor specific parameters” on page 196

.

Primary Untrusted

Physical Interface

See

“ Primary Untrusted Physical Interface” on page 191

.

Virtual IP mapping

Either dhcp or nat can be selected.

Selecting dhcp as virtual IP address mapping has the effect that the virtual IP
address attributed by the VPN server to the SpeedTouch™ VPN client is
effectively assigned to the terminal. Simultaneous access to the VPN of
multiple terminals in the LAN is not possible.

Selecting nat as virtual IP address mapping has the effect that the virtual IP
address attributed by the VPN server is stored in the SpeedTouch™. The
SpeedTouch™ will automatically create a new NAT entry to map the virtual IP
address to the IP addresses used on the local network. Simultaneous access to
the VPN of multiple terminals is supported.

Optional Remote

network

These settings allow you to limit the accessible area on the remote network.
Normally the VPN server sets this parameter during the tunnel negotiations.

IKE Authentication with

Preshared Key

When you select Use Preshared Key Authentication, the following fields have to be
completed:

Preshared Secret

Confirm Secret.

For more information, see

“ IKE Authentication with Preshared Key” on page 191

.

Select...

when...

generic

the VPN server is either a SpeedTouch™ or is unknown.
You need to specify your e-mail address for the dial-in
procedure.

Cisco

you connect to a Cisco VPN server. Cisco requires a
Group ID to be specified for the VPN clients.

Nortel

you connect to a Nortel VPN server.

This manual is related to the following products:
See also other documents in the category RCA Hardware: