Table of Contents
Advertisement
Robustel MEG5000 User Guide
Item
IKE Type
Negotiation Mode
Authentication
Algorithm
Encrypt Algorithm
IKE DH Group
Authentication Type
PSK Secret
Local ID Type
Remote ID Type
IKE Lifetime
Private Key Password
Username
Password
RT_UG_MEG5000_v.1.0.3
Description
Select from "IKEv1" or "IKEv2" as IKE version.
Select from "Main" and "Aggressive" for the IKE negotiation mode in phase 1.
If the IP address of one end of an IPsec tunnel is obtained dynamically, the IKE
negotiation mode must be aggressive. In this case, SAs can be established as
long as the username and password are correct.
Select from "MD5", "SHA1", "SHA2 256" or "SHA2 512" to be used in IKE
negotiation.
Select from "3DES", "AES128" and "AES256"to be used in IKE negotiation.
3DES: Use 168-bit 3DES encryption algorithm in CBC mode
AES128: Use 128-bit AES encryption algorithm in CBC mode
AES256: Use 256-bit AES encryption algorithm in CBC mode
Select from "DHgroup1", "DHgroup2", "DHgroup5", "DHgroup14",
"DHgroup15", "DHgroup16", "DHgroup17" "or "DHgroup18" to be used in key
negotiation phase 1.
Select from "PSK", "CA", "xAuth PSK" and "xAuth CA" to be used in IKE
negotiation.
PSK: Pre-shared Key
CA: x509 Certificate Authority
xAuth: Extended Authentication to AAA server
Enter the pre-shared key.
Select from "Default", "FQDN" and "User FQDN" for IKE negotiation.
Default: Use an IP address as the ID in IKE negotiation
FQDN: Use an FQDN type as the ID in IKE negotiation. If this option is
selected, type a name without any at sign (@) for the local security
gateway, e.g., test.robustel.com
User FQDN: Use a user FQDN type as the ID in IKE negotiation. If this
option is selected, type a name string with a sign "@" for the local
security gateway, e.g., test@robustel.com
Select from "Default", "FQDN" and "User FQDN" for IKE negotiation.
Default: Use an IP address as the ID in IKE negotiation
FQDN: Use an FQDN type as the ID in IKE negotiation. If this option is
selected, type a name without any at sign (@) for the local security
gateway, e.g., test.robustel.com
User FQDN: Use a user FQDN type as the ID in IKE negotiation. If this
option is selected, type a name string with a sign "@" for the local
security gateway, e.g., test@robustel.com
Set the lifetime in IKE negotiation. Before an SA expires, IKE negotiates a new
SA. As soon as the new SA is set up, it takes effect immediately and the old
one will be cleared automatically when it expires.
Enter the private key under the "CA" and "xAuth CA" authentication types.
Enter the username used for the "xAuth PSK" and "xAuth CA" authentication
types.
Enter the password used for the "xAuth PSK" and "xAuth CA" authentication
IKE Settings
12 Dec, 2018
Default
IKEv1
Main
MD5
3DES
DHgroup2
PSK
Null
Default
Default
86400
Null
Null
Null
89/150
Advertisement
Table of Contents
Need help?
Do you have a question about the MEG5000 and is the answer not in the manual?