NETGEAR FVS318 Router User Manual


 
Reference Manual for the Model FVS318 Cable/DSL ProSafe VPN Firewall
6-24 Virtual Private Networking
SA Life Time is 8 Hours
A finite SA Life Time increases security by forcing the two VPN endpoints to update the
encryption and authentication keys. However, every time the VPN tunnel renegotiates, users
accessing remote resources are disconnected.
For increased reliability, Keep Alive will always be enabled for connections router to router
VPN connections.
Alternative: Using Manual Keying
As an alternative to IKE, you may use Manual Keying, in which you must specify each phase of
the connection. The steps for Manual Keying are as follows:
1. When editing the VPN Settings, you may select manual keying. At that time, the edit menu
changes to look like Figure 6-5:
Figure 6-5. VPN Edit menu for Manual Keying
2. Incoming SPI - Enter the Security Parameter Index that the remote host will send to identify
the Security Association (SA). This will be the remote host’s Outgoing SPI.