Netopia 2200 Network Router User Manual


 
Security
PAT Address: If NAT is enabled, this field appears. You can specify a Port Address Translation (PAT) address or leave the default all-zeroes (if Xauth is enabled). If you leave the default, the address will be requested from the remote router and dynamically applied to the Gateway.

Negotiation Method: This parameter refers to the method used during the Phase I key exchange, or IKE process. SafeHarbour supports Main or Aggressive Mode. Main mode requires 3 two-way message exchanges while Aggressive mode only requires 3 total message exchanges.

Local ID Type: If Aggressive mode is selected as the Negotiation Method, this option appears. Selection options are: IP Address, Subnet, Hostname, ASCII.

Local ID Address/Value: If Aggressive mode is selected as the Negotiation Method, this field appears. This is the local (Gateway-side) IP address (or Name Value, if Subnet or Hostname is selected as the Local ID Type).

Local ID Mask: If Aggressive mode is selected as the Negotiation Method, and Subnet as the Local ID Type, this field appears. This is the local (Gateway-side) subnet mask.

Remote ID Type: If Aggressive mode is selected as the Negotiation Method, this option appears. Selection options are: IP Address, Subnet, Hostname, ASCII.

Remote ID Address/Value: If Aggressive mode is selected as the Negotiation Method, this field appears. This is the remote (central-office-side) IP address (or Name Value, if Subnet or Hostname is selected as the Local ID Type).

Remote ID Mask: If Aggressive mode is selected as the Negotiation Method, and Subnet as the Remote ID Type, this field appears. This is the remote (central-office-side) subnet mask.

Pre-Shared Key Type: The Pre-Shared Key Type classifies the Pre-Shared Key. SafeHarbour supports ASCII or HEX types.

Pre-Shared Key: The Pre-Shared Key is a parameter used for authenticating each side. The value can be ASCII or Hex and a maximum of 64 characters. ASCII is case-sensitive.

DH Group: Diffie-Hellman is a public key algorithm used between two systems to determine and deliver secret keys used for encryption. Groups 1, 2 and 5 are supported.

PFS Enable: Perfect Forward Secrecy (PFS) is used during SA renegotiation. When PFS is selected, a Diffie-Hellman key exchange is required. If enabled, the PFS DH group follows the IKE phase 1 DH group.

SA Encrypt Type: SA Encryption Type refers to the symmetric encryption type. This encryption algorithm will be used to encrypt each data packet. SA Encryption Type values supported include DES and 3DES.
Table 3: IPSec Tunnel Details page parameters
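
The following is an added example, not part of the original manual or of the router's software: a pre-deployment check that validates a planned set of tunnel values against the constraints in Table 3 and warns about the weaker of the supported choices. The function name, the dictionary keys and the sample values are assumptions made for illustration.

```python
import ipaddress
import string
ID_TYPES = {"IP Address", "Subnet", "Hostname", "ASCII"}

def audit_tunnel(cfg):
    """Return (errors, warnings) for a dict keyed by hypothetical field names."""
    errors, warnings = [], []
    # Pre-Shared Key: ASCII or HEX, at most 64 characters (from Table 3).
    psk, psk_type = cfg.get("psk", ""), cfg.get("psk_type")
    if psk_type not in ("ASCII", "HEX"):
        errors.append("psk_type must be ASCII or HEX")
    if not psk or len(psk) > 64:
        errors.append("psk must be 1 to 64 characters")
    elif psk_type == "HEX" and any(c not in string.hexdigits for c in psk):
        errors.append("HEX psk contains non-hex characters")
    # The ID fields only apply when Aggressive mode is selected.
    mode = cfg.get("negotiation")
    if mode not in ("Main", "Aggressive"):
        errors.append("negotiation must be Main or Aggressive")
    elif mode == "Aggressive":
        warnings.append("Aggressive mode: PSK-derived hash is open to offline guessing")
        for side in ("local", "remote"):
            id_type = cfg.get(side + "_id_type")
            if id_type not in ID_TYPES:
                errors.append(side + "_id_type missing or invalid")
            elif id_type == "Subnet":
                net = "%s/%s" % (cfg.get(side + "_id_value"), cfg.get(side + "_id_mask"))
                try:
                    ipaddress.ip_network(net, strict=False)
                except ValueError:
                    errors.append(side + " subnet ID needs a valid address and mask")
    # Groups 1, 2 and 5 are supported; 5 (1536-bit MODP) is the largest.
    group = cfg.get("dh_group")
    if group not in (1, 2, 5):
        errors.append("dh_group must be 1, 2 or 5")
    elif group != 5:
        warnings.append("DH group %d is smaller than group 5" % group)
    enc = cfg.get("sa_encrypt")
    if enc not in ("DES", "3DES"):
        errors.append("sa_encrypt must be DES or 3DES")
    elif enc == "DES":
        warnings.append("DES (56-bit key) selected: prefer 3DES")
    return errors, warnings

# Constructed sample values, not taken from any real device.
SAMPLE = {"psk": "0123abcdXYZ", "psk_type": "HEX", "negotiation": "Aggressive",
          "local_id_type": "Subnet", "local_id_value": "192.168.1.0",
          "local_id_mask": "255.255.255.0", "remote_id_type": "Hostname",
          "dh_group": 1, "sa_encrypt": "DES"}
```

Calling audit_tunnel(SAMPLE) reports the invalid HEX key as an error and returns one warning each for Aggressive mode, DH group 1 and DES.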