Table of Contents
Advertisement
Phase 1 settings page
Set the length of time before Phase 1 is renegotiated in the Key lifetime (s) field. In this
example, leave the Key Lifetime as the default value of 3600 minutes.
Set the time for when the new key is negotiated before the current key expires in the
Rekeymargin field. In this example, leave the Rekeymargin as the default value of 600
seconds.
Set the maximum percentage by which the Rekeymargin should be randomly increased
to randomize rekeying intervals in the Rekeyfuzz field. The Key lifetimes for both Phase
1 and Phase 2 are dependent on these values and must be greater that the value of
"Rekeymargin x (100 + Rekeyfuzz) / 100." In this example, leave the Rekeyfuzz as the
default value of 100%.
Enter a secret in the Preshared Secret field. This must remain confidential. In this
example, enter the Preshared Secret used at the branch office SnapGear unit, which
was: This secret must be kept confidential
Select a Phase 1 Proposal. In this example, select the 3DES-SHA-Diffie Hellman
Group 2 (1024 bit) option (same as the Branch Office Phase 1 Proposal).
Click Next to configure the Phase 2 Settings.
Phase 2 settings page
Select Network of LAN (Switch A) for the Local Network, enter 192.168.2.0/24 for the
Remote Network and click Add.
Set the length of time before Phase 2 is renegotiated in the Key lifetime (s) field. In this
example, leave the Key Lifetime as the default value of 600 seconds.
Select a Phase 2 Proposal. In this example, select the 3DES-SHA-Diffie Hellman
Group 2 (1024 bit) option (same as the Branch Ofiice Phase 2 Proposal).
Click Finish to save the tunnel configuration.
Virtual Private Networking
229
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
Need help?
Do you have a question about the SG300 and is the answer not in the manual?
Questions and answers