Differences

This shows you the differences between two versions of the page.

web_gui:vpn_peer [2010/11/22 11:17]
mats
web_gui:vpn_peer [2010/11/24 09:52] (current)
mats
Line 62: Line 62:
**Act as**:\\ **Act as**:\\
By default your Internet Gate acts as both IPSec //Initiator and responder//, meaning it can initialize an IPSec connection when needed, but also answer to an incoming connection request from the specified remote IPSec gateway. You can change it to just //responder//: then your Internet Gate becomes more like a “server" only accepting access from the specified “client", but not trying to connect to it by itself. The //Responder for roaming clients setting// is for the EasyServer. By default your Internet Gate acts as both IPSec //Initiator and responder//, meaning it can initialize an IPSec connection when needed, but also answer to an incoming connection request from the specified remote IPSec gateway. You can change it to just //responder//: then your Internet Gate becomes more like a “server" only accepting access from the specified “client", but not trying to connect to it by itself. The //Responder for roaming clients setting// is for the EasyServer.
-  * //Initiator and responder// this unit accepts connection attempts from the remote peer, and also tries to initiate connection by itself if there is any data to be sent to the remote peer. ( "client" ) +  * //Initiator and responder//: this unit accepts connection attempts from the remote peer, and also tries to initiate connection by itself if there is any data to be sent to the remote peer. ( "client" ) 
-  * //Responder// this unit accepts connection attempts from the remote peer, but does not attempt to connect to the remote peer by itself. ("server") +  * //Responder//: this unit accepts connection attempts from the remote peer, but does not attempt to connect to the remote peer by itself. ("server") 
-  * //Responder for roaming clients// this unit accepts connection attempts from unspecified remote peers. Remote Gateway IP Address (see above) does not need to be specified - set it to 0.0.0.0+  * //Responder for roaming clients//: this unit accepts connection attempts from unspecified remote peers. Remote Gateway IP Address (see above) does not need to be specified - set it to 0.0.0.0
**IKE phase1 mode**\\ **IKE phase1 mode**\\
During the initial security association establishment, one can select between: During the initial security association establishment, one can select between:
-  * //Main// a little more secure and requires two more message exchanges, +  * //Main//: a little more secure and requires two more message exchanges, 
-  * //Aggressive// a little less secure but faster, the identities are not protected, +  * //Aggressive//: a little less secure but faster, the identities are not protected, 
-  * //Main, accept Aggressive// Main mode preferred, Aggressive mode accepted, +  * //Main, accept Aggressive//: Main mode preferred, Aggressive mode accepted, 
-  * //Aggressive, accept Main// Aggressive mode preferred, Main mode accepted.+  * //Aggressive, accept Main//: Aggressive mode preferred, Main mode accepted.
**NAT Traversal**\\ **NAT Traversal**\\
Specifies whether IPSec NAT-T protocol (encapsulation of IPSec packets inside UDP packets) is allowed to be used when your Internet Gate acts as an Initiator. It is useful if you, or the remote IPSec gateway, are behind a NAT. As an IPSec responder the Internet Gate always accepts IPSec NAT-T packets. [[wp>NAT-T]]\\ Specifies whether IPSec NAT-T protocol (encapsulation of IPSec packets inside UDP packets) is allowed to be used when your Internet Gate acts as an Initiator. It is useful if you, or the remote IPSec gateway, are behind a NAT. As an IPSec responder the Internet Gate always accepts IPSec NAT-T packets. [[wp>NAT-T]]\\
-  * //Disabled// NAT-T will not be used, connections with a NAT (=Network Address Translation) in between will not work. +  * //Disabled//: NAT-T will not be used, connections with a NAT (=Network Address Translation) in between will not work. 
-  * //Enabled// NAT-T will be used if needed (and if supported by the remote peer), automatic detection if a NAT is present is done. +  * //Enabled//: NAT-T will be used if needed (and if supported by the remote peer), automatic detection if a NAT is present is done. 
-  * //Force// If the remote peer supports NAT-T, then it will be used, even if no NAT is present. This is e.g. useful if the ESP- or AH-protocol is blocked somewhere on the communication path.+  * //Force//: If the remote peer supports NAT-T, then it will be used, even if no NAT is present. This is e.g. useful if the ESP- or AH-protocol is blocked somewhere on the communication path.
**List of algorithm offers**\\ **List of algorithm offers**\\
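Review bot: In the IKE phase1 mode list, the "Main, accept Aggressive" and "Aggressive, accept Main" entries still do not say what accepting the non-preferred mode implies. The Aggressive entry states that the identities are not protected, so a unit set to "Main, accept Aggressive" can end up in that unprotected exchange if the remote peer proposes it. Suggest saying so on that line. In the Act as list, the touched lines keep the inconsistent ( "client" ) versus ("server") spacing, and the roaming-clients entry carries no such label even though the paragraph above ties it to the EasyServer. Worth normalizing while these lines are being edited.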
web_gui/vpn_peer.1290421076.txt.gz · Last modified: 2010/11/22 11:17 by mats
CC Attribution-Noncommercial-Share Alike 3.0 Unported