Filter
Top Products
DFL-500 User Manual
54
Mode. Enter the IP address of the dialup user or the domain name of the dialup user (for
example, domain.com). If you do not add a local ID, the DFL-500 external interface
automatically becomes the Local ID. For information about the Local ID, see About dialup
VPN authentication.
Nat-traversal
Select Enable if you expect the IPSec VPN traffic to go through a gateway that performs NAT.
If no NAT device is detected, enabling NAT traversal will have no effect. Both ends of the
gateway must have the same NAT traversal setting. See About NAT traversal
.
Keepalive
Frequency
If you enable NAT-traversal, you can change the number of seconds in the Keepalive
Frequency field. This number specifies, in seconds, how frequently empty UDP packets are
sent through the NAT device to ensure that the NAT mapping does not change until P1 and
P2 keylife expires. The keepalive frequency can be from 0 to 900 seconds.
• Select OK to save the remote gateway.
Adding a remote gateway (Dialup User selected)
About dialup VPN authentication
For dialup VPN authentication to work you must create compatible configurations on the DFL-500 NPG that is
the dialup server and its dialup clients. The configurations required for the server and the clients are different
for different dialup gateway configurations. There are four possible dialup VPN authentication configurations:
• Main mode with no user group selected
• Main mode with a user group selected
• Aggressive mode with no user group
• Aggressive mode with a user group selected