Home
Главная
Moxa
Ethernet-модули ввода/вывода
ioLogik W5340-HSPA
Инструкция по эксплуатации Страница: 67

Moxa ioLogik W5340-HSPA [67/194] Vpn system log events and error codes

Moxa ioLogik W5312-T [67/194] Vpn system log events and error codes

ioLogik W5300 The ioAdmin Utility

3-39

ISAKMP phase 1

Operation Mode: Select main mode or aggressive mode to configure the standard negotiation parameters for

IKE Phase 1 of the VPN Tunnel

NAT traversal (NAT-T): Enabling this option will allow IPsec traffic from this endpoint to traverse through the

translation process during NAT. The remote VPN endpoint must also support this feature and it must be enabled

to function properly over the VPN (default = disable)

Encryption mode: Select the VPN ISAKMP phase 1 encryption mode

Authentication mode: Select the VPN ISAKMP phase 1 authentication mode

Diffie-Hellman group: Select the VPN ISAKMP phase 1 DH group. Increasing the DH Group number increases

the level of encryption implemented for PFS.

SA life time (default = 86400): Enter the number of seconds for the VPN ISAKMP phase 1 Lifetime, which

is the period of time to pass before establishing a new IPsec security association (SA) with the remote endpoint.

ISAKMP phase 2

Encryption mode: Select the VPN ISAKMP phase 2 encryption mode.

Authentication mode: Select the VPN ISAKMP phase 2 authentication mode.

Diffie-Hellman group: Select the VPN ISAKMP phase 2 DH group. Increasing the DH Group number increases

the level of encryption implemented for PFS.

SA life time (default = 28800): Enter the number of seconds for the VPN ISAKMP phase 2 Lifetime, which

is the period of time that passes before establishing a new IPsec security association (SA) with the remote

endpoint.

Advanced Settings

Anti-replay: Anti-replay is the method of not allowing an intercepted packet message to be sent to the

recipient multiple times without the original sender knowing (default = Disable).

Dead Peer Detection (DPD): Enable or disable the Dead Peer Detection. DPD is a method of detecting a dead

Internet Key Exchange (IKE) peer. It sends a DPD packet to the peer every 60 seconds with no traffic and

attempts to connect normally. If the DPD packet fails 5 times the VPN will continuously re-establish a

connection (default = Disable).

VPN System Log Events and Error Codes

VPN system log Description

UNLINK_TIME_REACH SA Lifetime timeout

UNLINK_TIME_OUT No response from remote VPN server

UNLINK_NO_PROPASOL The remote VPN server does not have matched VPN settings(proposal)

UNLINK_DPD DPD detecting

IKE_PHASE1_MAIN_START IKE phase1 Main mode starts

IKE_PHASE1_AGGR_START IKE phase1 Aggressive mode starts

IKE_PHASE1_ENCRY_START IKE phase1 VPN tunnel encrypting

IKE_PHASE1_OK Passing the VPN tunnel phase1

IKE_PHASE2_OK Passing the VPN tunnel phase2

IKE_RENEW_START Rekeying

IKE_RENEW_OK Rekey successfully

PHASE1_TIME_REACH Phase1 SA lifetime timeout

OLD_SA_TIME_REACH Earlier SA lifetime is deleted by the ioLogik

REMOTE_DEL_ISAKMP Key of VPN tunnel phase1 is deleted by the remote

REMOTE_DEL_ESP Key of VPN tunnel phase2 is deleted by the remote

REMOTE_DEL_ESP_OLD Earlier SA lifetime is deleted by the remote VPN Server

Moxa ioLogik W5340-HSPA [67/194] Vpn system log events and error codes

Содержание

Похожие устройства