13-28 VPN Screens
Figure 13-8 VPN Branch Office Advanced Rule Setup
The following table describes the fields in this screen.
Table 13-10 VPN Branch Office Advanced Rule Setup
LABEL
As a VPN setup is processing intensive, the system is vulnerable to Denial of Service (DOS)
Enable Replay
attacks The IPSec receiver can detect and reject old or duplicate packets to protect against
Detection
replay attacks. Enable replay detection by setting this field to YES.
IKE Phase 1
A phase 1 exchange establishes an IKE SA (Security Association).
Select Main or Aggressive from the drop-down list box. The Contivity 221's negotiation
Negotiation Mode
mode should be identical to that on the remote VPN switch.
317517-A Rev 00
DESCRIPTION