Table of Contents
Advertisement
SINAUT MD740-1
Consequence: the screen illustrated below appears:
2. Enter the agreed sequence of characters in the field Pre-
Shared Secret Key (PSK). To obtain security
comparable to 3DES, the sequence of characters should
consists of approx. 30 randomly selected lower and
upper case characters and numerals.
3. Click on Back.
!
Pre-Shared Secret Key cannot be used with dynamic
(%any) IP addresses; only fixed IP addresses or hostnames
on both sides are supported.
ISAKMP SA (Key Exchange)
Encryption algorithm
! Agree with the administrator of the remote site as to
which encryption method is to be used.
3DES-168 is the most commonly used method and is
therefore preset as the standard.
Basically, the following applies: the more bits an encryption
algorithm has – indicated by the number shown – the more
secure it is. The relatively new AES-256 method is therefore
considered to be the safest, but it is not yet so widespread.
The longer the key, the more time-consuming the encryption
process. This aspect is of no consequence to the
SINAUT MD740-1 because it works with hardware-based
encryption technology. Nevertheless, this aspect could be
significant for the remote site.
The selectable algorithm marked "Zero" contains no
encryption at all.
Checksum algorithm/Hash
Leave the setting on All algorithms. Then it makes no
difference whether the remote site works with MD5 or
SHA-1.
IPsec SA (data exchange)
Unlike ISAKMP SA (Key Exchange) (see above) the method
Configuration
43 von 105
Advertisement
Table of Contents
