modem.
Modulator/demodulator. Device used to convert a digital
signal to an analog signal for transmission over standard
telephone lines. A modem at the other end of the connection
converts the analog signal back to a digital signal.
MRU.
Maximum Receive Unit. The maximum packet size, in
bytes, that a network interface will accept.
MTU.
Maximum Transmission Unit. The maximum packet size,
in bytes, that can be sent over a network interface.
MULTI-LAYER.
The Open System Interconnection (OSI) model
divides network traffic into seven distinct levels, from the
Physical (hardware) layer to the Application (software) layer.
Those in between are the Presentation, Session, Transport, Network,
and Data Link layers. Simple first- and second-generation
firewall technologies inspect between 1 and 3 layers of the 7-layer
model, while our SMLI engine inspects layers 2 through 7.
-----N-----
NAK.
Negative acknowledgment. See ACK.
Name.
The Name parameter refers to the name of the configured
tunnel. This is mainly used as an identifier for the
administrator. The Name parameter is an ASCII string and is
limited to 31 characters. The tunnel name is the only IPSec
parameter that does not need to match the peer gateway.
NCP.
Network Control Protocol.
Negotiation Method.
This parameter refers to the method
used during the Phase I key exchange, or IKE process.
SafeHarbour supports Main or Aggressive Mode. Main mode requires 3
two-way message exchanges while Aggressive mode only
requires 3 total message exchanges.
null modem.
Cable or connection device used to connect two
computing devices directly rather than over a network.
-----P-----
packet.
Logical grouping of information that includes a header
and data. Compare frame, datagram.
PAP.
Password Authentication Protocol. Security protocol within
the PPP protocol suite that prevents unauthorized access to
network services. See RFC 1334 for PAP specifications.
Compare CHAP.
parity.
Method of checking the integrity of each character
received over a communication channel.
Peer External IP Address.
The Peer External IP Address is the
public, or routable IP address of the remote gateway or VPN
server you are establishing the tunnel with.
Peer Internal IP Network.
The Peer Internal IP Network is the
private, or Local Area Network (LAN) address of the remote
gateway or VPN Server you are communicating with.
Peer Internal IP Netmask.
The Peer Internal IP Netmask is the
subnet mask of the Peer Internal IP Network.
PFS Enable.
Enable Perfect Forward Secrecy. PFS forces a DH
negotiation during Phase II of the IKE-IPSec SA exchange. You can
disable this or select DH group 1, 2, or 5. PFS is a security
principle that ensures that the compromise of any single key
permits access only to data protected by that single key. In
PFS, the key used to protect transmission of data must not be
used to derive any additional keys. If the key was derived from
some other keying material, that material must not be used to
derive any more keys.
PING.
Packet INternet Groper. Utility program that uses an
ICMP echo message and its reply to verify that one network
node can reach another. Often used to verify that two hosts can
communicate over a network.
PPP.
Point-to-Point Protocol. Provides a method for transmitting
datagrams over serial router-to-router or host-to-network
connections using synchronous or asynchronous circuits.
Pre-Shared Key.
The Pre-Shared Key is a parameter used for
authenticating each side. The value can be ASCII or Hex, with
a maximum of 64 characters.
Pre-Shared Key Type.
The Pre-Shared Key Type classifies the
Pre-Shared Key. SafeHarbour supports ASCII or HEX types.
protocol.
Formal set of rules and conventions that specify how
information can be exchanged over a network.
PSTN.
Public Switched Telephone Network.
-----R-----
repeater.
Device that regenerates and propagates electrical
signals between two network segments. Also known as a hub.
RFC.
Request for Comment. Set of documents that specify the
conventions and standards for TCP/IP networking.
RIP.
Routing Information Protocol. Protocol responsible for
distributing information about available routes and networks from
one router to another.
RJ-11.
Four-pin connector used for telephones.
RJ-45.
Eight-pin connector used for 10BaseT (twisted pair
Ethernet) networks.
route.
Path through a network from one node to another. A
large internetwork can have several alternate routes from a
source to a destination.
routing table.
Table stored in a router or other networking
device that records available routes and distances for remote
network destinations.
-----S-----
SA Encrypt Type.
SA Encryption Type refers to the symmetric
encryption type. This encryption algorithm will be used to
encrypt each data packet. SA Encryption Type values supported
include DES and 3DES.
SA Hash Type.
SA Hash Type refers to the Authentication
Hash algorithm used during SA negotiation. Values supported
include MD5 and SHA1. N/A will display if NONE is chosen for
Auth Protocol.
Security Association.
From the IPSEC point of view, an SA is
a data structure that describes which transformation is to be
applied to a datagram and how. The SA specifies:
The authentication algorithm for AH and ESP
The encryption algorithm for ESP
The encryption and authentication keys
Lifetime of encryption keys
The lifetime of the SA
Replay prevention sequence number and the replay bit table
An arbitrary 32-bit number called a Security Parameters Index
(SPI), as well as the destination host’s address and the IPSEC
protocol identifier, identify each SA. An SPI is assigned to an SA
when the SA is negotiated. The SA can be referred to by using
an SPI in AH and ESP transformations. An SA is unidirectional. SAs
are commonly set up as bundles, because typically two SAs are
required for communications. SA management is always done
on bundles (setup, delete, relay).
serial communication.
Method of data transmission in which
data bits are transmitted sequentially over a communication
channel.
SHA-1.
An implementation of the U.S. Government Secure Hash
Algorithm; a 160-bit authentication algorithm.
Soft MBytes.
Setting the Soft MBytes parameter forces the
renegotiation of the IPSec Security Associations (SAs) at the
configured Soft MByte value. The value can be configured
between 1 and 1,000,000 MB and refers to data traffic passed.
If this value is not achieved, the Hard MBytes parameter is
enforced.
Soft Seconds.
Setting the Soft Seconds parameter forces the
renegotiation of the IPSec Security Associations (SAs) at the
configured Soft Seconds value. The value can be configured
between 60 and 1,000,000 seconds.
