Line 268: |
Line 268: |
| |- | | |- |
| |} | | |} |
| + | |
| + | ==IPsec== |
| + | |
| + | The IPsec protocol client enables the router to establish a secure connection to an IPsec peer via the Internet. IPsec is supported in two modes - transport and tunnel. Transport mode creates a secure point to point channel between two hosts. Tunnel mode can be used to build a secure connection between two remote LANs serving as a VPN solution. |
| + | |
| + | IPsec system maintains two databases: Security Policy Database (SPD) which defines whether to apply IPsec to a packet or not and specify which/how IPsec-SA is applied and Security Association Database (SAD), which contains a Key of each IPsec-SA. |
| + | |
| + | The establishment of the Security Association (IPsec-SA) between two peers is needed for IPsec communication. It can be done by using manual or automated configuration. |
| + | |
| + | Note: the router starts establishing a tunnel when data is sent from the router to a remote site over the tunnel. The Keep Alive feature is used for automatic tunnel establishment. |
| + | |
| + | To create a new IPsec instance, go to the IPsec tab, type in a name for your new instance in the text field below the IPsec tab and press the '''Add''' button next to it. |