Table of Contents
Advertisement
VPN connection
Note:
The more bits in the encryption algorithm - indicated by the appended number - the
more secure it is. The method AES-256 is therefore considered the most secure.
However, the longer the key, the more time the encryption process takes and the
more computing power is required.
ISAKMP-SA hash, IPsec-SA hash
Agree with the administrator of the remote station which method will be used for
computing checksums/hashes during the ISAKMP phase and the IPsec phase. The
following selections are available:
MD5 or SHA-1 (automatic detection)
●
MD5
●
SHA-1
●
The method can be defined differently for ISAKMP-SA and IPsec-SA.
ISAKMP-SA mode
Agree with the administrator of the remote station which method will be used for
negotiating the ISAKMP-SA. The following selections are available:
Main mode
●
Aggressive mode
●
DH/PFS group
Agree with the administrator of the remote station the DH group for the key
exchange.
ISAKMP-SA lifetime, IPsec-SA lifetime
The keys for an IPsec connection are renewed at certain intervals in order to
increase the effort required to attack an IPsec connection.
Specify the lifetime (in seconds) of the keys agreed on for the ISAKMP-SA and
IPsec-SA.
The lifetime can be defined differently for ISAKMP-SA and IPsec-SA.
82
SINAUT MD741-1
C79000- G8976-C212
- Quick Links:
- Configuration
Hide quick links:
Advertisement
Chapters
Table of Contents
