31,703
edits
Changes
→TLS Clients
|-
|-
|}
|}
==IPsec==
The IPsec protocol client enables the router to establish a secure connection to an IPsec peer via the Internet. IPsec is supported in two modes - transport and tunnel. Transport mode creates a secure point to point channel between two hosts. Tunnel mode can be used to build a secure connection between two remote LANs serving as a VPN solution.
IPsec system maintains two databases: Security Policy Database (SPD) which defines whether to apply IPsec to a packet or not and specify which/how IPsec-SA is applied and Security Association Database (SAD), which contains a Key of each IPsec-SA.
The establishment of the Security Association (IPsec-SA) between two peers is needed for IPsec communication. It can be done by using manual or automated configuration.
Note: the router starts establishing a tunnel when data is sent from the router to a remote site over the tunnel. The Keep Alive feature is used for automatic tunnel establishment.
To create a new IPsec instance, go to the IPsec tab, type in a name for your new instance in the text field below the IPsec tab and press the '''Add''' button next to it.