Options of Configuring Manual Key VPN

The options in the Manual Key VPN Configuration dialog are described as follows:

Basic

Tunnel name: Specifies or displays the name of manually created key VPN.

Mode: Specifies the mode, including Tunnel and Transport. The tunnel mode is the default mode.

Peer address: Specifies the IP address of the peer.

Local SPI: Type the local SPI value. SPI is a 32-bit value transmitted in AH and ESP header, which uniquely identifies a security association. SPI is used to seek corresponding VPN tunnel for decryption.

Local SPI: Type the local SPI value.

Note: When configuring an SA, you should configure the parameters of both the inbound and outbound direction. Furthermore, SA parameters of the two ends of the tunnel should be totally matched. The local inbound SPI should be the same with the outbound SPI of the other end; the local outbound SPI should be the same with the inbound SPI of the other end.

Interface: Specifies the egress interface for the manual key VPN. Select the interface you want from the Interface drop-down list.

Encryption

Protocol: Specifies the IPSec type. ESP is the default type.

Encryption: Specifies the encryption algorithm. 3DES is the default encryption algorithm.

Inbound encryption key: Type the encryption key of the inbound direction. You should configure the keys of both ends of the tunnel. The local inbound encryption key should be the same with the peer's outbound encryption key, and the local outbound encryption key should be the same with the peer's inbound encryption key.

Outbound encryption key: Type the encryption key of the outbound direction.

Hash: Specifies the authentication algorithm. SHA-1 is the default authentication algorithm.

Inbound hash key: Type the hash key of the inbound direction. You should configure the keys of both ends of the tunnel. The local inbound hash key should be the same with the peer's outbound hash key, and the local outbound hash key should be the same with the peer's inbound hash key.

Outbound hash key: Type the hash key of the outbound direction.

Compression: Select a compression algorithm. By default, no compression algorithm is used.

Description

Description: Type the description for the manual key VPN.

OK: Click OK to save the settings.

Cancel: Click Cancel to cancel the settings.