Configuring Virtual Private Networks and Security
Configuring VPNs
STEP 1
STEP 2
STEP 3
STEP 4
Cisco RV220W Administration Guide
IKE SA Parameters
The Security Association (SA) parameters define the strength and the mode for
negotiating the SA.
Choose the encryption algorithm, or the algorithm used to negotiate the SA:
•
DES
•
3DES
•
AES-128
•
AES-192
•
AES-256
Specify the authentication algorithm for the VPN header:
•
MD5
•
SHA-1
•
SHA2-256
•
SHA2-384
•
SHA2-512
Ensure that the authentication algorithm is configured identically on
NOTE
both sides.
Choose the authentication method:
•
Select Pre-Shared Key for a simple password based key that is shared with
the IKE peer.
•
Selecting RSA-Signature disables the pre-shared key text box and uses the
active self certificate uploaded in the Certificates page. In that case, a
certificate must be configured in order for RSA-Signature to work.
The double quote character (") is not supported in the pre-shared key.
NOTE
Choose the Diffie-Hellman (DH) Group algorithm, which is used when exchanging
keys. The DH Group sets the strength of the algorithm in bits.
Ensure that the DH Group is configured identically on both sides of the
NOTE
IKE policy.
5
110