Reference Manual for the Model Wireless ADSL Firewall Router DG834G
8-50
Virtual Private Networking (Advanced Feature)
202-10006-05, June 2005
•
Range address
—enter the starting IP address in the "Single/Start IP address" field, and the
finish IP address in the "Finish IP address" field. This must be an address range used on the
remote LAN.
•
Subnet address
—enter an IP address in the "Single/Start IP address" field, and the desired
network mask in the "Subnet Mask" field.
The remote VPN endpoint must have these IP addresses entered as its "Local" addresses.
ESP Configuration
ESP (Encapsulating Security Payload) provides security for the payload (data) sent through the
VPN tunnel.
SPI
—enter the required security policy indexes (SPIs). Each policy must have unique SPIs. These
settings must match the remote VPN endpoint. The "in" setting here must match the "out" setting
on the remote VPN endpoint, and the "out" setting here must match the "in" setting on the remote
VPN endpoint.
Encryption
—select the desired Encryption Algorithm, and enter the key in the field provided. For
3DES, the keys should be 24 ASCII characters and for DES, the keys should be 8 ASCII
characters.
•
DES—the Data Encryption Standard (DES) processes input data that is 64 bits wide,
encrypting these values using a 56 bit key. Faster but less secure than 3DES.
•
3DES—(Triple DES) achieves a higher level of security by encrypting the data three times
using DES with three different, unrelated keys.
Authentication
—select the desired SHA-1 or MD5 Authentication Algorithm, and enter the key
in the field provided. For MD5, the keys should be 16 ASCII characters. For SHA-1, the keys
should be 20 ASCII characters.
•
MD5—128 bits, faster but less secure.
•
SHA-1 (default)—160 bits, slower but more secure.