Table of Contents
Advertisement
Phase 2 advanced options
Phase 2 advanced options
252
Tunnel Name
Type a name to identify the tunnel configuration.
Remote
Select the phase 1 configuration to assign to this tunnel. See
page
246. The phase 1 configuration describes how remote peers or clients
Gateway
will be authenticated on this tunnel, and how the connection to the remote
peer or client will be secured.
Concentrator
If the tunnel will be included in a hub-and-spoke configuration, you may select
the concentrator from the list. The hub must be added to the FortiGate
configuration before it can be selected here. See
Figure 125:Phase 2 advanced settings
P2 Proposal
Select the encryption and authentication algorithms that will be used to
change data into encrypted code.
Add or delete encryption and authentication algorithms as required. Select a
minimum of one and a maximum of three combinations. The remote peer
must be configured to use at least one of the proposals that you define.
You can select any of the following symmetric-key algorithms:
•
NULL-Do not use an encryption algorithm.
•
DES-Digital Encryption Standard, a 64-bit block algorithm that uses a 56-
bit key.
•
3DES-Triple-DES, in which plain text is encrypted three times by three
keys.
•
AES128-A 128-bit block algorithm that uses a 128-bit key.
•
AES192-A 128-bit block algorithm that uses a 192-bit key.
•
AES256-A 128-bit block algorithm that uses a 256-bit key.
01-28007-0068-20041203
VPN
"Phase 1" on
"Concentrator" on page
256.
Fortinet Inc.
Hide quick links:
Advertisement
Table of Contents
