beautypg.com

Configuring vpn, 1 default parameters, Chapter 10 – Asus SL6000 User Manual

Page 90

background image

ASUS VPN ADSL Router

89

Chapter 10

Chapter 10

10. Configuring VPN

The chapter contains instructions for configuring VPN connections using
automatic keying and manual keys.

10.1 Default Parameters

The SL6000/SL6300 is pre-configured with a default set of proposals/
connections. They cover the most commonly used sets of parameters, required
for typical deployment scenarios. It is recommended that you use these pre-
configured proposals/connections to simplify VPN connection setup. The default
parameters provided in the SL6000/SL6300 are as follows:

Default Connections

Each connection represents a rule that will be applied on traffic originating
from/terminating at the security gateway. It contains the parameters: local/remote
IP-Addresses and ports. Table 10.1 lists the default connections that are
provisioned on the gateway:

Table 10.1 Default connections in SL6000/SL6300

Name

Type

Port

Protocol

State

Purpose

allow-ike-io

passby

500

UDP

Enabled To allow IKE traffic

allow-all

passby

---

---

Enabled To allow plain traffic

Proposals

Each proposal represents a set of authentication/encryption parameters.
Once configured, a proposal can be tied to a connection. Upon session
establishment, one of the proposals specified is selected and used for the
tunnel.
Note that multiple proposals can be specified for a connection. If you do not
specify the proposal to be used for a connection, all the pre-configured
proposals will be included for that connection.

Pre-configured IKE proposals

IKE proposals decide the type of encryption, hash algorithms and
authentication method that will be used for the establishment of the session
keys between the endpoints of a tunnel.

This manual is related to the following products: