Table of Contents
Advertisement
• Key-ID: Random character string
• User-FQDN: Domain name with a user
Remote ID
• IP address: IP address format
• FQDN: Set in domain name format.
• Key-ID: Character string can be 1~47
• User-FQDN: Set in the form
Encryption
Set the encryption algorithm to be used
Algorithms
for IKE phase 1.
• AES256-CBC
• AES192-CBC
• AES128-CBC
• 3DES-CBC
Authentication
Set the authentication algorithm to be
Algorithms
used for IKE phase 1.
• HMAC-SHA1
• HMAC-SHA2-256
• HMAC-MD5
Life Time (sec)
Set the validity period of the IKE SA.
Input range is from 300 to 691,200
seconds.
DH-Group
Set the encryption strength of the
Diffie-Hellman Key exchange.
• 768bit
• 1024bit
• 1536bit
• 2048bit
DPD-Keepalive
Set whether to use DPD-Keepalive
function for the detection of
name
Set ID according to the format of the
selected "Remote ID Setting".
Character string can be 1~64
alphanumeric characters.
alphanumeric characters.
"username@domainname". Character
string can be 3~160 alphanumeric
characters.
*ASCII (0x21~0x7e) characters can be
used for "FQDN", "Key-ID", "User-
FQDN" except the following: " ' ` #
\ $ = ?<space>
Sample input
IP address: 192.0.2.222
FQDN:
remote.example.com
Key-ID: RemoteID-1
User-FQDN:
adm@example.com
Use a value that is smaller
than the one set at the
destination. Rekey is done
at random between 70%
to 85% of the set lifetime.
DPD (Dead Peer
Detection)
|Setting/Setting Confirmation
Not set
AES256-CBC
HMAC-SHA1
28800
768bit
Disabled
211
Advertisement
Table of Contents
