1 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
5 <link rel="stylesheet" href="stylemain.css" type="text/css">
6 <link rel="stylesheet" href="colors.css" type="text/css">
7 <meta http-equiv="Pragma" content="no-cache">
8 <title> IPSec Settings</title>
10 <script language="javascript" src="util.js"></script>
11 <script language="javascript">
// NOTE(review): every value below is rendered into the page source by the
// server-side ejGetJS template tags before the browser receives the page.
// That includes the tunnel secrets (ipsPSK, ipsManualEncryptionKey,
// ipsManualAuthKey), so anyone who can load, cache or proxy this page can
// read them in clear text. Prefer not echoing stored secrets to the client:
// render a placeholder and only replace the stored key when a new one is typed.
// NOTE(review): each value lands inside a single-quoted JS string literal.
// That is only safe if ejGetJS escapes quotes, backslashes, line breaks and
// the closing script tag sequence in fields an operator can set (for example
// ipsConnName). The escaping is not visible here; confirm in the server code.
15 var ipsTableIndex = '<%ejGetJS(ipsTableIndex)%>';
16 var ipsConnName = '<%ejGetJS(ipsConnName)%>';
17 var ipsRemoteGWAddr = '<%ejGetJS(ipsRemoteGWAddr)%>';
18 var ipsLocalIPMode = '<%ejGetJS(ipsLocalIPMode)%>';
19 var ipsLocalIP = '<%ejGetJS(ipsLocalIP)%>';
20 var ipsLocalMask = '<%ejGetJS(ipsLocalMask)%>';
21 var ipsLocalRangeLo = '<%ejGetJS(ipsLocalRangeLo)%>';
22 var ipsLocalRangeHi = '<%ejGetJS(ipsLocalRangeHi)%>';
23 var ipsRemoteIPMode = '<%ejGetJS(ipsRemoteIPMode)%>';
24 var ipsRemoteIP = '<%ejGetJS(ipsRemoteIP)%>';
25 var ipsRemoteMask = '<%ejGetJS(ipsRemoteMask)%>';
26 var ipsRemoteRangeLo = '<%ejGetJS(ipsRemoteRangeLo)%>';
27 var ipsRemoteRangeHi = '<%ejGetJS(ipsRemoteRangeHi)%>';
28 var ipsKeyExM = '<%ejGetJS(ipsKeyExM)%>';
29 var ipsAuthM = '<%ejGetJS(ipsAuthM)%>';
30 var ipsPSK = '<%ejGetJS(ipsPSK)%>';
31 var ipsCertificateName = '<%ejGetJS(ipsCertificateName)%>';
32 var ipsPerfectFSEn = '<%ejGetJS(ipsPerfectFSEn)%>';
33 var ipsManualEncryptionAlgo = '<%ejGetJS(ipsManualEncryptionAlgo)%>';
34 var ipsManualEncryptionKey = '<%ejGetJS(ipsManualEncryptionKey)%>';
35 var ipsManualAuthAlgo = '<%ejGetJS(ipsManualAuthAlgo)%>';
36 var ipsManualAuthKey = '<%ejGetJS(ipsManualAuthKey)%>';
37 var ipsSPI = '<%ejGetJS(ipsSPI)%>';
38 var ipsPh1Mode = '<%ejGetJS(ipsPh1Mode)%>';
39 var ipsPh1EncryptionAlgo = '<%ejGetJS(ipsPh1EncryptionAlgo)%>';
40 var ipsPh1IntegrityAlgo = '<%ejGetJS(ipsPh1IntegrityAlgo)%>';
41 var ipsPh1DHGroup = '<%ejGetJS(ipsPh1DHGroup)%>';
42 var ipsPh1KeyTime = '<%ejGetJS(ipsPh1KeyTime)%>';
43 var ipsPh2EncryptionAlgo = '<%ejGetJS(ipsPh2EncryptionAlgo)%>';
44 var ipsPh2IntegrityAlgo = '<%ejGetJS(ipsPh2IntegrityAlgo)%>';
45 var ipsPh2DHGroup = '<%ejGetJS(ipsPh2DHGroup)%>';
46 var ipsPh2KeyTime = '<%ejGetJS(ipsPh2KeyTime)%>';
52 function setSelect(item, value)
54 for (i=0; i<item.options.length; i++) {
55 if (item.options[i].value == value) {
56 item.selectedIndex = i;
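/**
 * Build one "&name=value" query-string fragment from a text input.
 *
 * The value is percent-encoded before it is appended. Concatenating the raw
 * field text let characters such as & = # % + or a double quote change the
 * request: a key or name containing "&ipsAuthM=..." would be read by the
 * server as an extra parameter, and a double quote would end the quoted URL
 * string the caller builds from the result.
 *
 * NOTE(review): assumes the ipsec.cmd handler percent-decodes query values,
 * as CGI parsers normally do. Confirm against the server code.
 *
 * @param item  form control whose .value is submitted
 * @param name  parameter name; always a literal supplied by this page
 * @return      the fragment, starting with '&'
 */
function submitText(item, name)
{
   return '&' + name + '=' + encodeURIComponent(item.value);
}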
67 function getSelect(item)
70 if (item.options.length > 0) {
71 idx = item.selectedIndex;
72 return item.options[idx].value;
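/**
 * Build one "&name=value" query-string fragment from a select control.
 *
 * The selected value is percent-encoded. Most option values on this page are
 * fixed literals, but the certificateName options are generated by the
 * server, so their text is not guaranteed to be URL-safe.
 *
 * @param item  select control; its current value is read through getSelect()
 * @param name  parameter name; always a literal supplied by this page
 * @return      the fragment, starting with '&'
 */
function submitSelect(item, name)
{
   return '&' + name + '=' + encodeURIComponent(getSelect(item));
}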
// loadCertList: the body is generated by the server. The ipsCertList template
// tag below expands to script statements, presumably ones that fill the
// certificateName select; the expansion is not visible in this listing.
// NOTE(review): because the expansion runs as code, certificate names must be
// escaped for a JS string context on the server side. Confirm in the handler
// that produces ipsCertList.
84 function loadCertList()
86 with ( document.forms[0] ) {
87 <%ejGetStr(ipsCertList)%>
91 function localIPModeChange() {
92 with ( document.forms[0] ) {
93 var mode = localIPMode[localIPMode.selectedIndex].value;
108 function remoteIPModeChange() {
109 with ( document.forms[0] ) {
110 var mode = remoteIPMode[remoteIPMode.selectedIndex].value;
126 function keyauthChange() {
127 with ( document.forms[0] ) {
128 var keymode = keyExM[keyExM.selectedIndex].value;
129 var authmode = authM[authM.selectedIndex].value;
132 showhide("AutoKeyEx", 1);
133 showhide("ManualKey", 0);
135 case "pre_shared_key":
137 showhide("Certificate", 0);
141 showhide("Certificate", 1);
147 showhide("AutoKeyEx", 0);
148 showhide("ManualKey", 1);
150 showhide("Certificate", 0);
152 showhideAdv(showAdv);
159 function switchAdv() {
160 with ( document.forms[0] ) {
162 showhideAdv(showAdv);
166 function showhideAdv(show) {
167 with ( document.forms[0] ) {
168 showhide("adv", show);
170 advSWButton.value = "Hide Advanced Settings";
173 advSWButton.value = "Show Advanced Settings";
179 //////////////////////////
// Presumably the body of formLoad(), the onLoad handler named on the body
// tag; its header line is not part of this listing. It copies the
// server-rendered ips* variables into the form controls.
// NOTE(review): the stored manual encryption and authentication keys are
// written back into ordinary text inputs here, so they are shown in clear on
// every visit to the page.
184 with ( document.forms[0] ) {
185 connName.value = ipsConnName;
186 remoteGWAddr.value = ipsRemoteGWAddr;
187 setSelect(localIPMode, ipsLocalIPMode);
188 localIP.value = ipsLocalIP;
189 localMask.value = ipsLocalMask;
190 setSelect(remoteIPMode, ipsRemoteIPMode);
191 remoteIP.value = ipsRemoteIP;
192 remoteMask.value = ipsRemoteMask;
193 setSelect(keyExM, ipsKeyExM);
194 setSelect(authM, ipsAuthM);
196 setSelect(certificateName, ipsCertificateName);
197 perfectFSEn.value = ipsPerfectFSEn;
198 setSelect(manualEncryptionAlgo, ipsManualEncryptionAlgo);
199 manualEncryptionKey.value = ipsManualEncryptionKey;
200 setSelect(manualAuthAlgo, ipsManualAuthAlgo)
201 manualAuthKey.value = ipsManualAuthKey;
203 setSelect(ph1Mode, ipsPh1Mode);
204 setSelect(ph1EncryptionAlgo, ipsPh1EncryptionAlgo);
205 setSelect(ph1IntegrityAlgo, ipsPh1IntegrityAlgo);
206 setSelect(ph1DHGroup, ipsPh1DHGroup);
207 ph1KeyTime.value = ipsPh1KeyTime;
208 setSelect(ph2EncryptionAlgo, ipsPh2EncryptionAlgo);
209 setSelect(ph2IntegrityAlgo, ipsPh2IntegrityAlgo);
210 setSelect(ph2DHGroup, ipsPh2DHGroup);
211 ph2KeyTime.value = ipsPh2KeyTime;
215 remoteIPModeChange();
217 showhideAdv(showAdv);
// applyClick: checks the form fields in the browser, then builds an
// 'ipsec.cmd?action=editsubmit' URL that carries every setting as a query
// parameter.
// NOTE(review): the pre-shared key and both manual keys travel in the URL
// (ipsPSK, ipsManualEncryptionKey, ipsManualAuthKey below). URLs are kept in
// browser history and commonly in proxy and server logs; sending the secrets
// in a POST body over HTTPS keeps them out of those places.
// NOTE(review): this is a state-changing request built as a plain GET, and no
// session or anti-CSRF token is added in the lines shown. Confirm one is
// appended before navigation or enforced by the server.
// NOTE(review): every check here runs in the browser only. The ipsec.cmd
// handler has to repeat them, because the URL can be requested directly.
221 function applyClick() {
222 var loc = 'ipsec.cmd?action=editsubmit';
223 with ( document.forms[0] ) {
225 if ( isValidNameWSpace(connName.value) == false ) {
226 alert('Invalid connection name "' + connName.value + '".');
230 if ( isValidIpAddress(localIP.value) == false ) {
231 alert('Local IP Address "' + localIP.value + '" is invalid.');
234 if ( getSelect(localIPMode) == "subnet" && isValidSubnetMask(localMask.value) == false ) {
235 alert('Local Subnet Mask "' + localMask.value + '" is invalid.');
238 if ( isValidIpAddress(remoteIP.value) == false ) {
239 alert('Remote IP Address "' + remoteIP.value + '" is invalid.');
242 if ( getSelect(remoteIPMode) == "subnet" && isValidSubnetMask(remoteMask.value) == false ) {
243 alert('Remote Subnet Mask "' + remoteMask.value + '" is invalid.');
246 if ( getSelect(keyExM) == "auto" ) {
// parseInt without a radix also accepts trailing junk ("3600abc" parses as
// 3600). The raw field text, not val, is what gets submitted further down.
247 val = parseInt(ph1KeyTime.value);
248 if ( isNaN(val) == true || val < 0 ) {
249 alert('Phase 1 Key Life Time is invalid.');
253 val = parseInt(ph2KeyTime.value);
254 if ( isNaN(val) == true || val < 0 ) {
255 alert('Phase 2 Key Life Time is invalid.');
259 if ( getSelect(authM) == "certificate") {
260 if ( certificateName.options.length == 0) {
261 alert('No certificate avaiable for authentication. Use Certificate menu to add certificates or choose another autentication method.');
266 if ( getSelect(keyExM) == "manual" ) {
// Key-length cases are visible only for des-cbc and 3des-cbc. Presumably the
// aes-ctr option leaves ekeys at -1 and so skips the hex check below; confirm.
268 if ( getSelect(manualEncryptionAlgo) == "des-cbc") {
271 else if ( getSelect(manualEncryptionAlgo) == "3des-cbc") {
277 if ( ekeys != -1 && isValidHexKey(manualEncryptionKey.value, ekeys) == false) {
278 alert('Invalid Manual Encryption Key.');
282 if ( getSelect(manualAuthAlgo) == "hmac-md5") {
285 else if ( getSelect(manualAuthAlgo) == "hmac-sha1") {
291 if ( akeys != -1 && isValidHexKey(manualAuthKey.value, akeys) == false) {
292 alert('Invalid Manual Authentication Key.');
297 loc += '&ipsTableIndex=' + ipsTableIndex;
// ipsConnName is appended twice: directly on the next line, then again through
// submitText(). The first copy concatenates connName.value exactly as typed,
// without encodeURIComponent().
298 loc += '&ipsConnName=' + connName.value;
299 loc += submitText(connName, 'ipsConnName');
300 loc += submitText(remoteGWAddr, 'ipsRemoteGWAddr');
301 loc += submitSelect(localIPMode, 'ipsLocalIPMode');
302 loc += submitText(localIP, 'ipsLocalIP');
303 loc += submitText(localMask, 'ipsLocalMask');
304 loc += submitSelect(remoteIPMode, 'ipsRemoteIPMode');
305 loc += submitText(remoteIP, 'ipsRemoteIP');
306 loc += submitText(remoteMask, 'ipsRemoteMask');
307 loc += submitSelect(keyExM, 'ipsKeyExM');
308 loc += submitSelect(authM, 'ipsAuthM');
309 loc += submitText(psk, 'ipsPSK');
310 loc += submitSelect(certificateName, 'ipsCertificateName');
311 loc += submitSelect(perfectFSEn, 'ipsPerfectFSEn');
312 loc += submitSelect(manualEncryptionAlgo, 'ipsManualEncryptionAlgo');
313 loc += submitText(manualEncryptionKey, 'ipsManualEncryptionKey');
314 loc += submitSelect(manualAuthAlgo, 'ipsManualAuthAlgo');
315 loc += submitText(manualAuthKey, 'ipsManualAuthKey');
316 loc += submitText(spi, 'ipsSPI');
317 loc += submitSelect(ph1Mode, 'ipsPh1Mode');
318 loc += submitSelect(ph1EncryptionAlgo, 'ipsPh1EncryptionAlgo');
319 loc += submitSelect(ph1IntegrityAlgo, 'ipsPh1IntegrityAlgo');
320 loc += submitSelect(ph1DHGroup, 'ipsPh1DHGroup');
321 loc += submitText(ph1KeyTime, 'ipsPh1KeyTime');
322 loc += submitSelect(ph2EncryptionAlgo, 'ipsPh2EncryptionAlgo');
323 loc += submitSelect(ph2IntegrityAlgo, 'ipsPh2IntegrityAlgo');
324 loc += submitSelect(ph2DHGroup, 'ipsPh2DHGroup');
325 loc += submitText(ph2KeyTime, 'ipsPh2KeyTime');
// loc is spliced into a double-quoted JS statement string. If that string is
// later evaluated (the following lines are not visible here), a double quote
// or backslash in any field would alter the statement. Assigning the URL to
// window.location directly avoids building code from form input.
328 var code = 'location = "' + loc + '"';
337 <body onLoad="formLoad()">
340 <b>IPSec Settings</b>
342 <table border="0" cellpadding="0" cellspacing="2" width="100%">
344 <td width="40%"> IPSec Connection Name </td>
345 <td> <input name="connName" size="20" maxlength="60" value="testconnection" type="text"> </td>
348 <td width="40%">Remote IPSec Gateway Address (IP or Domain Name)</td>
349 <td><input name="remoteGWAddr" size="20" maxlength="255" value="" type="text"></td>
352 <table border="0" cellpadding="0" cellspacing="2" width="100%">
353 <tr><td> </td></tr>
355 <td width="40%"> Tunnel access from local IP addresses </td>
357 <select name="localIPMode" onchange="localIPModeChange();">
358 <option value="subnet">Subnet</option>
359 <option value="single">Single Address</option>
364 <div id = "IP11"><table border="0" cellpadding="0" cellspacing="2" width="100%">
366 <td width="40%"> IP Address for VPN</td>
367 <td> <input name="localIP" type="text"> </td>
371 <div id = "IP12"><table border="0" cellpadding="0" cellspacing="2" width="100%">
373 <td width="40%"> IP Subnetmask</td>
374 <td> <input name="localMask" type="text"> </td>
377 <table border="0" cellpadding="0" cellspacing="2" width="100%">
378 <tr><td></td><td> </td></tr>
380 <td width="40%"> Tunnel access from remote IP addresses </td>
382 <select name="remoteIPMode" onchange="remoteIPModeChange();">
383 <option value="subnet" selected>Subnet</option>
384 <option value="single">Single Address</option>
389 <div id = "IP21"><table border="0" cellpadding="0" cellspacing="2" width="100%">
391 <td width="40%"> IP Address for VPN</td>
392 <td> <input name="remoteIP" type="text"> </td>
395 <div id = "IP22"><table border="0" cellpadding="0" cellspacing="2" width="100%">
397 <td width="40%"> IP Subnetmask</td>
398 <td> <input name="remoteMask" type="text"> </td>
401 <table border="0" cellpadding="0" cellspacing="2" width="100%">
402 <tr><td> </td><td> </td></tr>
404 <td width="40%">Key Exchange Method </td>
405 <td><select name="keyExM" onChange="keyauthChange();">
406 <option value="auto">Auto(IKE)</option>
407 <option value="manual">Manual</option>
412 <div id="AutoKeyEx"><table border="0" cellpadding="0" cellspacing="2" width="100%">
414 <td width="40%"> Authentication Method </td>
416 <select name="authM" onChange="keyauthChange();">
417 <option value="pre_shared_key">Pre-Shared Key</option>
418 <option value="certificate">Certificate (X.509)</option>
423 <div id="PSK"><table border="0" cellpadding="0" cellspacing="2" width="100%">
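<td width="40%">Pre-Shared Key</td>
<!-- type="password" masks the key on screen and autocomplete="off" asks the browser not to remember it. The field is still read as psk.value by the page script, so this does not protect the value from script or from the page source. -->
<td> <input name="psk" type="password" autocomplete="off"></td>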
429 <div id="Certificate">
430 <table border="0" cellpadding="0" cellspacing="2" width="100%">
432 <td width="40%"> Certificates </td>
433 <td><select name="certificateName">
437 <table border="0" cellpadding="0" cellspacing="2" width="100%">
439 <td width="40%">Perfect Forward Secrecy</td>
441 <select name="perfectFSEn">
442 <option value="enable">Enable</option>
443 <option value="disable">Disable</option>
447 <tr><td> </td></tr>
449 <td width="40%">Advanced IKE Settings</td>
450 <td><input name="advSWButton" type="button" value="Show Advanced Settings" onclick="switchAdv();" ></td>
453 <div id="ManualKey"> <table border="0" cellpadding="0" cellspacing="2" width="100%">
455 <td width="40%">Encryption Algorithm</td>
457 <select name="manualEncryptionAlgo">
458 <option value="des-cbc">DES</option>
459 <option value="3des-cbc" selected>3DES</option>
460 <option value="aes-ctr">AES</option>
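<td width="40%"> Encryption Key </td>
<!-- No built-in sample key: a fixed key in the markup is a publicly known value that could end up saved on a real tunnel. The page script fills this field from the stored configuration on load. The stray comma after the name attribute is removed as well. -->
<td> <input name="manualEncryptionKey" size="40" maxlength="60" value="" autocomplete="off"> DES: 16 digit Hex, 3DES: 48 digit Hex <br></td>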
469 <td width="40%">Authentication Algorithm</td>
471 <select name="manualAuthAlgo">
472 <option value="hmac-md5">MD5</option>
473 <option value="hmac-sha1">SHA1</option>
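<td> Authentication Key </td>
<!-- No built-in sample key: a fixed key in the markup is a publicly known value that could end up saved on a real tunnel. The page script fills this field from the stored configuration on load. -->
<td> <input name="manualAuthKey" size="50" maxlength="60" value="" autocomplete="off"> MD5: 32 digit Hex, SHA1: 40 digit Hex </td>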
483 <td> <input name="spi" size="8" maxlength = "8" value="105"> Hex 100-FFFFFFFF</td>
487 <table border="0" cellpadding="0" cellspacing="2" width="100%">
<!-- NOTE(review): the IKE phase 1 controls below still offer Aggressive mode, DES, MD5 and the 768-bit and 1024-bit MODP groups, and 3DES is the preselected cipher. With a pre-shared key, Aggressive mode exposes a hash derived from the key to anyone observing the exchange, which permits offline guessing. Prefer Main mode, AES, SHA-1 or stronger, and a 2048-bit or larger group wherever the peer supports them, and consider making those the defaults. -->
492 <td width="40%">Mode</td>
494 <select name="ph1Mode">
495 <option value="main">Main</option>
496 <option value="aggressive">Aggressive</option>
501 <td width="40%">Encryption Algorithm</td>
503 <select name="ph1EncryptionAlgo">
504 <option value="des">DES</option>
505 <option value="3des" selected>3DES</option>
506 <option value="aes128">AES - 128</option>
507 <option value="aes192">AES - 192</option>
508 <option value="aes256">AES - 256</option>
513 <td width="40%">Integrity Algorithm</td>
515 <select name="ph1IntegrityAlgo">
516 <option value="md5">MD5</option>
517 <option value="sha1">SHA1</option>
521 <td width="40%">Select Diffie-Hellman Group for Key Exchange</td>
523 <select name="ph1DHGroup">
524 <option value="modp768">768bit</option>
525 <option value="modp1024">1024bit</option>
526 <option value="modp1536">1536bit</option>
527 <option value="modp2048">2048bit</option>
528 <option value="modp3072">3072bit</option>
529 <option value="modp4096">4096bit</option>
530 <option value="modp6144">6144bit</option>
531 <option value="modp8192">8192bit</option>
536 <td width="40%">Key Life Time </td>
537 <td> <input name="ph1KeyTime" >   Seconds </td>
540 <tr><td> </td></tr>
<!-- NOTE(review): the phase 2 controls below still offer DES, HMAC-MD5 and the 768-bit and 1024-bit MODP groups, and 3DES is the preselected cipher. These protect the tunnel traffic itself; prefer AES, SHA-1 or stronger, and a 2048-bit or larger group wherever the peer supports them, and consider making those the defaults. -->
545 <td width="40%">Encryption Algorithm</td>
547 <select name="ph2EncryptionAlgo">
548 <option value="des">DES</option>
549 <option value="3des" selected >3DES</option>
550 <option value="aes128">AES - 128</option>
551 <option value="aes192">AES - 192</option>
552 <option value="aes256">AES - 256</option>
557 <td width="40%">Integrity Algorithm</td>
559 <select name="ph2IntegrityAlgo">
560 <option value="hmac_md5">MD5</option>
561 <option value="hmac_sha1">SHA1</option>
566 <td width="40%">Select Diffie-Hellman Group for Key Exchange</td>
568 <select name="ph2DHGroup">
569 <option value="modp768">768bit</option>
570 <option value="modp1024">1024bit</option>
571 <option value="modp1536">1536bit</option>
572 <option value="modp2048">2048bit</option>
573 <option value="modp3072">3072bit</option>
574 <option value="modp4096">4096bit</option>
575 <option value="modp6144">6144bit</option>
576 <option value="modp8192">8192bit</option>
581 <td width="40%">Key Life Time </td>
582 <td> <input name="ph2KeyTime" >   Seconds </td>
586 <table border="0" cellpadding="0" cellspacing="2" width="100%">
587 <tr><td></td><td> </td></tr>
589 <td colspan="2" align="center">
590 <input value="Save / Apply" type="button" onclick="applyClick();" >