Filter
Top Products
74
Section 4 Configure
A typical SafeHarbour configuration is shown below:
Use these Best Practices in establishing your SafeHarbour tunnel.
Parameter Description and Setup
The following table describes SafeHarbour’s parameters that are used for
an IPSec VPN tunnel configuration:
1. Ensure that the configuration information is complete and accurate
2. Use the Worksheet provided on page 76.
Auth Protocol Authentication Protocol for IP packet header. The three parameter values are
None, Encapsulating Security Payload (ESP) and Authentication Header (AH)
DH Group Diffie-Hellman is a public key algorithm used between two systems to determine
and deliver secret keys used for encryption. Groups 1, 2 and 5 are supported.
Enable This toggle button is used to enable/disable the configured tunnel.
Encrypt Protocol Encryption protocol for the tunnel session.
Parameter values supported include NONE or ESP.
Hard MBytes Setting the Hard MBytes parameter forces the renegotiation of the IPSec Security
Associations (SAs) at the configured Hard MByte value.
The value can be configured between 1 and 1,000,000 MB and refers to data traf-
fic passed.
Hard Seconds Setting the Hard Seconds parameter forces the renegotiation of the IPSec Security
Associations (SAs) at the configured Hard Seconds value. The value can be config-
ured between 60 and 1,000,000 seconds
Key Management The Key Management algorithm manages the exchange of security keys in the
IPSec protocol architecture. SafeHarbour supports the standard Internet Key
Exchange (IKE)
Peer External IP Address The Peer External IP Address is the public, or routable IP address of the remote
gateway or VPN server you are establishing the tunnel with.
Peer Internal IP NetworkThe Peer Internal IP Network is the private, or Local Area Network (LAN) address
of the remote gateway or VPN Server you are communicating with.