Create Site to Site VPN
Hash
D-H Group
Note
Authentication
Type
Cisco Router and Security Device Manager Version 2.2 User's Guide
8-42
The authentication algorithm to be used for the negotiation. SDM supports the
following algorithms:
SHA_1—Secure Hash Algorithm. A hash algorithm used to authenticate
•
packet data.
MD5—Message Digest 5. A hash algorithm used to authenticate packet data.
•
The Diffie-Hellman Group—Diffie-Hellman is a public-key cryptography
protocol that allows two routers to establish a shared secret over an unsecure
communications channel. SDM supports the following groups:
group1—D-H Group 1. 768-bit D-H Group.
•
group2—D-H Group 2. 1024-bit D-H Group. This group provides more
•
security than group 1, but requires more processing time.
group5—D-H Group 5.1536-bit D-H Group. This group provides more
•
security than group 2, but requires more processing time.
Diffie-Hellman group5 is not supported on all routers.
The authentication method to be used. The following value is supported:
PRE_SHARE—Authentication will be performed using pre-shared keys.
•
RSA_SIG—Authentication will be performed using digital certificates.
•
Either SDM Default or User Defined. If no User Defined policies have been
created on the router, this window will show the default IKE policy.
Chapter 8
Site-to-Site VPN
OL-4015-08