Table of Contents
Advertisement
FIELD
Active Protocol Press [SPACE BAR] to choose from ESP or AH and then press [ENTER]. See
earlier for a discussion of these protocols.
Encryption
Press [SPACE BAR] to choose from NULL, 3DES or DES and then press
[ENTER]. Select NULL to set up a tunnel without encryption.
Algorithm
Authentication
Press [SPACE BAR] to choose from SHA1 or MD5 and then press [ENTER].
Algorithm
SA Life Time
Define the length of time before an IPSec Security Association automatically
(Seconds)
renegotiates in this field. It may range from 60 to 3,000,000 seconds (almost
35 days).
Encapsulation Press [SPACE BAR] to choose from Tunnel mode or Transport mode and
then press [ENTER]. See earlier for a discussion of these.
Perfect
Perfect Forward Secrecy (PFS) is disabled (None) by default in phase 2
Forward
IPSec SA setup. This allows faster IPSec setup, but is not so secure. Press
Secrecy (PFS)
[SPACE BAR] and choose from DH1 or DH2 to enable PFS. DH1 refers to
Diffie-Hellman Group 1 a 768 bit random number. DH2 refers to Diffie-Hellman
Group 2 a 1024 bit (1Kb) random number (more secure, yet slower).
When you have completed this menu, press [ENTER] at the prompt "Press ENTER to Confirm..." to save
your configuration, or press [ESC] at any time to cancel.
43.5 Manual Setup
You only configure Menu 27.1.1.2 – Manual Setup when you select Manual in the Key Management field
in Menu 27.1.1 – IPSec Setup. Manual key management is useful if you have problems with IKE key
management.
43.5.1 Active Protocol
This field is a combination of mode and security protocols used for the VPN. See the Web Configurator part
on VPN for more information on these parameters.
Table 43-4 Active Protocol: Encapsulation and Security Protocol
Tunnel
Transport
VPN/IPSec Setup
Table 43-3
Menu 27.1.1.1 IKE Setup
DESCRIPTION
MODE
Prestige 653HWI Series User's Guide
SECURITY PROTOCOL
ESP
AH
EXAMPLE
ESP
DES
MD5
28800
(default)
Tunnel
None
43-13
Advertisement
Table of Contents
