Filter
Top Products
Advanced Features
83
Local LAN
Local LAN
This identifies which PCs on your LAN are covered by this
policy. For each selection, data must be provided as follows:
• Single address
Enter an IP address in the "IP address" field. Typically,
this setting is used when you wish to make a single
Server on your LAN available to remote users.
• Subnet address
Enter an IP address in the "IP address" field, and the de-
sired network mask in the "Subnet Mask" field.
The remote VPN endpoint must have these IP addresses
entered as its "Remote" addresses.
Remote LAN
Remote LAN
This identifies which PCs on the remote LAN are covered by
this policy. For each selection, data must be provided as
follows:
• Single PC - no subnet
Select this option if there is no LAN (only a single PC) at
the remote endpoint. If this option is selected, no addi-
tional data is required.
• Single address
Enter an IP address in the "IP address" field. This must
be an address on the remote LAN. Typically, this setting
is used when you wish to access a server on the remote
LAN.
• Subnet address
Enter an IP address in the "IP address" field, and the de-
sired network mask in the "Subnet Mask" field.
The remote VPN endpoint must have these IP addresses
entered as its "Local" addresses.
IKE
Direction
This setting is used when determining if the IKE policy
matches the current traffic. Select the desired option.
• Responder only - Incoming connections are allowed, but
outgoing connections will be blocked.
• Initiator and Responder - Both incoming and outgoing
connections are allowed.
Exchange Mode
IPSec has 2 possibilities - "Main Mode" and "Aggressive
Mode".
Currently, only "Main Mode" is supported. Ensure the remote
VPN endpoint is set to use "Main Mode".
Diffie-Hellman
(DH) Group
The Diffie-Hellman algorithm is used when exchanging keys.
The DH Group setting determines the number of bit size
used in the exchange. This value must match the value used
on the remote VPN Gateway.