Motorola 3347 User Manual
Page 101
101
Links Bar
PAT Address
If NAT is enabled, this field appears. You can specify a Por t Address Trans-
lation (PAT) address or leave the default all-zeroes (if Xauth is enabled). If
you leave the default. the address will be requested from the remote router
and dynamically applied to the Gateway.
Negotiation
Method
This parameter refers to the method used during the Phase I key
exchange, or IKE process. SafeHarbour suppor ts Main or Aggressive
Mode. Main mode requires 3 two-way message exchanges while Aggres-
sive mode only requires 3 total message exchanges.
Local ID type
If Aggressive mode is selected as the Negotiation Method, this option
appears. Selection options are: IP Address, Subnet, Hostname, ASCII
Local ID Address/
Value
If Aggressive mode is selected as the Negotiation Method, this field
appears. This is the local (Gateway-side) IP address (or Name Value, if Sub-
net or Hostname are selected as the Local ID Type).
Local ID Mask
If Aggressive mode is selected as the Negotiation Method, and Subnet as
the Local ID Type, this field appears. This is the local (Gateway-side) sub-
net mask.
Remote ID Type
If Aggressive mode is selected as the Negotiation Method, this option
appears. Selection options are: IP Address, Subnet, Hostname, ASCII.
Remote ID
Address/Value
If Aggressive mode is selected as the Negotiation Method, this field
appears. This is the remote (central-office-side) IP address (or Name Value,
if Subnet or Hostname are selected as the Local ID Type).
Remote ID Mask
If Aggressive mode is selected as the Negotiation Method, and Subnet as
the Remote ID Type, this field appears. This is the remote (central-office-
side) subnet mask.
Pre-Shared Key
Type
The Pre-Shared Key Type classifies the Pre-Shared Key. SafeHarbour sup-
por ts ASCII or HEX types
Pre-Shared Key
The Pre-Shared Key is a parameter used for authenticating each side. The
value can be ASCII or Hex and a maximum of 64 characters. ASCII is case-
sensitive.
DH Group
Diffie-Hellman is a public key algorithm used between two systems to
determine and deliver secret keys used for encr yption. Groups 1, 2 and 5
are suppor ted.
PFS Enable
Per fect For ward Secrecy (PFS) is used during SA renegotiation. When PFS
is selected, a Diffie-Hellman key exchange is required. If enabled, the PFS
DH group follows the IKE phase 1 DH group.
SA Encrypt Type
SA Encr yption Type refers to the symmetric encr yption type. This encr yp-
tion algorithm will be used to encr ypt each data packet. SA Encr yption
Type values suppor ted include DES and 3DES.
Table 3: IPSec Tunnel Details page parameters