Extreme Networks Altitude 4700 Series Product Reference Manual page 234

Configuring Access Point Security
To configure auto key settings for the access point:
1 Select Network Configuration > WAN > VPN from the access point menu tree.
2 Refer to the VPN Tunnel Config field, select the Auto (IKE) Key Exchange radio button and click the
Auto Key Settings button.
3 Configure the Auto Key Settings screen to modify the following:
Use Perfect
Forward Secrecy
Security
Association Life
Time
AH Authentication
ESP Type
234
Forward secrecy is a key-establishment protocol
guaranteeing the discovery of a session key or long-term
private key does not compromise the keys of other
sessions. Select Yes to enable Perfect Forward Secrecy.
Select No to disable Perfect Forward Secrecy.
The Security Association Life Time is the configurable
interval used to timeout association requests that exceed
the defined interval. The available range is from 300 to
65535 seconds. The default is 300 seconds.
AH provides data authentication and anti-replay services
for the VPN tunnel. Select the desired authentication
method from the drop-down menu.
• None—Disables AH authentication. No keys are
required to be manually provided.
• MD5—Enables the Message Digest 5 algorithm. No
keys are required to be manually provided.
• SHA1—Enables Secure Hash Algorithm 1. No keys are
required to be manually provided.
ESP provides packet encryption, optional data
authentication and anti-replay services for the VPN tunnel.
Use the drop-down menu to select the ESP type.
• None—Disables ESP. The rest of the fields are not
active.
• ESP—Enables ESP for this tunnel.
• ESP with Authentication—Enables ESP with
authentication.
Altitude 4700 Series Access Point Product Reference Guide