Planet SG-4800 User Manual page 115

Gigabit ssl vpn security router

Hide thumbs Also See for SG-4800:

Quick installation manual (12 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

page of 182

/ 182
Contents
Table of Contents
Bookmarks

Table of Contents

IKE Protocol

Click the shared key generated by IKE to encrypt and authenticate the remote user. If PFS (Perfect Forward

Secrecy) is enabled, the Phase 2 shared key generated during the IKE coordination will conduct further

encryption and authentication. When PFS is enabled, hackers using brute force to capture the key will not be

able to get the Phase 2 key in such a short period of time.

Item

Description

When users check the PFS option, don't forget to activate the PFS function of the VPN

Perfect Forward

device and the VPN Client as well.

Secrecy

 T his option allows users to select Diffie-Hellman groups: Group 1/ Group 2/ Group 5.

Phase 1/ Phase 2

DH Group

 P hase 1/ Phase 2

This option allows users to set this VPN tunnel to use any encryption mode. Note that

this parameter must be identical to that of the remote encryption parameter: DES (64-bit

Encryption

encryption mode), 3DES (128-bit encryption mode), AES (the standard of using security

code to encrypt information). It supports 128-bit, 192-bit, and 256-bit encryption keys.

 T his authentication option allows users to set this VPN tunnel to use any authentication

Phase 1/Phase 2

mode. Note that this parameter must be identical to that of the remote authentication

Authentication

mode: "MD5" or "SHA1".

The life time for this exchange code is set to 28800 seconds (or 8hours) by default. This

Phase 1 SA Life

allows the automatic generation of other exchange password within the valid time of the

Time

VPN connection so as to guarantee security.

The life time for this exchange code is set to 3600 seconds (or 1hours) by default. This

Phase2 SA Life

allows the automatic generation of other exchange password within the valid time of the

Time

VPN connection so as to guarantee security.

Advanced Setting- for IKE Preshareed Key Only

The advanced settings include Main Mode and Aggressive mode. For the Main mode, the default setting is set to

VPN operation mode. The connection is the same to most of the VPN devices.

Gigabit SSL VPN Security Router User's Manual

- 109 -

Table of Contents

Planet SG-4800 User Manual page 115

Related Manuals for Planet SG-4800

Related Products for Planet SG-4800

Table of Contents