Configuring vpn, 1 default parameters, Chapter 10 – Asus SL6000 User Manual
Page 90
ASUS VPN ADSL Router
89
Chapter 10
Chapter 10
10. Configuring VPN
The chapter contains instructions for configuring VPN connections using
automatic keying and manual keys.
10.1 Default Parameters
The SL6000/SL6300 is pre-configured with a default set of proposals/
connections. They cover the most commonly used sets of parameters, required
for typical deployment scenarios. It is recommended that you use these pre-
configured proposals/connections to simplify VPN connection setup. The default
parameters provided in the SL6000/SL6300 are as follows:
Default Connections
Each connection represents a rule that will be applied on traffic originating
from/terminating at the security gateway. It contains the parameters: local/remote
IP-Addresses and ports. Table 10.1 lists the default connections that are
provisioned on the gateway:
Table 10.1 Default connections in SL6000/SL6300
Name
Type
Port
Protocol
State
Purpose
allow-ike-io
passby
500
UDP
Enabled To allow IKE traffic
allow-all
passby
---
---
Enabled To allow plain traffic
Proposals
Each proposal represents a set of authentication/encryption parameters.
Once configured, a proposal can be tied to a connection. Upon session
establishment, one of the proposals specified is selected and used for the
tunnel.
Note that multiple proposals can be specified for a connection. If you do not
specify the proposal to be used for a connection, all the pre-configured
proposals will be included for that connection.
Pre-configured IKE proposals
IKE proposals decide the type of encryption, hash algorithms and
authentication method that will be used for the establishment of the session
keys between the endpoints of a tunnel.