ProSecure Unified Threat Management (UTM) Appliance
Table 69. Add New VPN Policy screen settings (continued)
Setting
Encryption Algorithm
Key-In
Key-Out
SPI-Outgoing
Integrity Algorithm
Key-In
Key-Out
Virtual Private Networking Using IPSec Connections
Description
From the drop-down list, select one of the following five algorithms to negotiate
the security association (SA):
•
DES. Data Encryption Standard (DES).
•
3DES. Triple DES. This is the default algorithm.
•
AES-128. Advanced Encryption Standard (AES) with a 128-bit key size.
•
AES-192. AES with a 192-bit key size.
•
AES-256. AES with a 256-bit key size.
The encryption key for the inbound policy. The length of the key depends on the
selected encryption algorithm:
•
DES. Enter 8 characters.
•
3DES. Enter 24 characters.
•
AES-128. Enter 16 characters.
•
AES-192. Enter 24 characters.
•
AES-256. Enter 32 characters.
The encryption key for the outbound policy. The length of the key depends on
the selected encryption algorithm:
•
DES. Enter 8 characters.
•
3DES. Enter 24 characters.
•
AES-128. Enter 16 characters.
•
AES-192. Enter 24 characters.
•
AES-256. Enter 32 characters.
The Security Parameters Index (SPI) for the outbound policy. Enter a
hexadecimal value between 3 and 8 characters (for example, 0x1234).
From the drop-down list, select one of the following algorithms to be used in the
VPN header for the authentication process:
•
SHA-1. Hash algorithm that produces a 160-bit digest. This is the default
setting.
•
MD5. Hash algorithm that produces a 128-bit digest.
•
SHA-256. Hash algorithm that produces a 256-bit key size.
•
SHA-512. Hash algorithm that produces a 512-bit key size.
The integrity key for the inbound policy. The length of the key depends on the
selected integrity algorithm:
•
MD5. Enter 16 characters.
•
SHA-1. Enter 20 characters.
•
SHA-256. Enter 32 characters.
•
SHA-512. Enter 64 characters.
The integrity key for the outbound policy. The length of the key depends on the
selected integrity algorithm:
•
MD5. Enter 16 characters.
•
SHA-1. Enter 20 characters.
•
SHA-256. Enter 32 characters.
•
SHA-512. Enter 64 characters.
288