ISAKMP-SA encryption, IPsec-SA encryption
Agree with the administrator of the remote station which encryption method will be
used for the ISAKMP-SA and the IPsec-SA. The SINAUT MD741-1 supports the
following methods:
3DES-168
●
AES-128
●
AES-192
●
AES-256
●
3DES-168 is a commonly used method and is therefore set as the default.
The method can be defined differently for ISAKMP-SA and IPsec-SA.
Note:
The more bits in the encryption algorithm - indicated by the appended number - the
more secure it is. The method AES-256 is therefore considered the most secure.
However, the longer the key, the more time the encryption process takes and the
more computing power is required.
ISAKMP-SA hash, IPsec-SA hash
Agree with the administrator of the remote station which method will be used for
computing checksums/hashes during the ISAKMP phase and the IPsec phase. The
following selections are available:
MD5 or SHA-1 (automatic detection)
●
MD5
●
SHA-1
●
The method can be defined differently for ISAKMP-SA and IPsec-SA.
ISAKMP-SA mode
Agree with the administrator of the remote station which method will be used for
negotiating the ISAKMP-SA. The following selections are available:
Main mode
●
Aggressive mode
●
SINAUT MD741-1
C79000- G8976-C212
VPN connection
73