Table of Contents
Advertisement
Chapter 4 Advanced Features
Field
Phase 1 SA lifetime
Phase 2 encryption
Phase 2 authentication Allows you to select an authentication type for another level of
Phase 2 SA lifetime
72
Description
Allows you to enter the number of seconds for an individual rotating
key to last until a re-key negotiation between each endpoint occurs.
Smaller lifetimes are generally more secure since it would give a hacker
a smaller amount of time to try to crack the key. However, key
negotiation does take up bandwidth, so network throughput is
sacrificed with small lifetimes. The default setting is 28,800 seconds
Allows you to select the form of encryption to secure the VPN
connection between endpoints. Select from the following five
encryption types:
DES
3DES
AES-128
AES-192
AES-256
You may select any form of encryption as long as long as the other end
of the VPN tunnel uses the same method
Note: 3DES encryption is commonly used, but AES is recommended
because it is very difficult to crack.
security. Select one of the following three authentication types:
MD5
SHA
Null (none)
You may choose any authentication type as long as the other end of the
VPN tunnel uses the same method
Note: SHA is recommended because it is more secure.
Allows you to enter the number of seconds for an individual rotating
key to last until a re-key negotiation between each endpoint occurs.
Smaller lifetimes are generally more secure since it would give a hacker
a smaller amount of time to try to crack the key. However, key
negotiation does take up bandwidth, so network throughput is
sacrificed with small lifetimes. The default setting for Phase 2 is 3,600
seconds.
68-4004214-01 Rev D
Advertisement
Table of Contents
Troubleshooting
