User's Manual
12.3.2 Configuring IP Security Proposal Table
The IP Security Proposal Table page is used to configure Internet Key Exchange (IKE) with
up to four proposal settings. Each proposal defines an encryption algorithm, an
authentication algorithm, and a Diffie-Hellman group identifier. The same set of proposals
applies to both Main mode and Quick mode.
Note:
To configure IP Security Proposals:
1.
Open the IP Security Proposal Table page (Configuration tab > VoIP menu >
Security submenu > IPSec Proposal Table).
2.
Click the Add button; the following dialog box appears:
Figure 12-4: IP Security Proposals Table - Add Record Dialog Box
3.
Configure the parameters, as required. For a description of the parameters, see the
table below.
4.
Click Submit.
5.
To save the changes to flash memory, see 'Saving Configuration' on page 520.
Parameter Name
Encryption Algorithm
[IPsecProposalTable_Enc
ryptionAlgorithm]
Authentication Algorithm
[IPsecProposalTable_Aut
henticationAlgorithm]
Diffie Hellman Group
[IPsecProposalTable_DH
Group]
Version 6.6
You can also configure the IP Security Proposals table using the table ini file
parameter IPsecProposalTable (see 'Security Parameters' on page 669).
IP Security Proposals Table Configuration Parameters
Defines the encryption (privacy) algorithm.
[0] NONE
[1] DES CBC
[2] 3DES CBC
[3] AES (default)
Defines the message authentication (integrity) algorithm.
[0] NONE
[2] HMAC SHA1 96
[4] HMAC MD5 96 (default)
Defines the length of the key created by the DH protocol for up to four
proposals. For the ini file parameter, X denotes the proposal number
(0 to 3).
[0] Group 1 (768 Bits) = DH-786-Bit
[1] Group 2 (1024 Bits) (default) = DH-1024-Bit
Description
151
12. Security
Mediant 3000