Table of Contents
Advertisement
1. Click the Notepad icon in the Group VPN entry. The VPN Policy window is displayed.
General
2. In the General tab, IKE using Preshared Secret is the default setting for IPSec Keying Mode. A
Shared Secret is automatically generated in the Shared Secret field, or you can generate your own
shared secret. Shared Secrets must be minimum of four characters.
Proposals
3. Click the Proposals tab to continue the configuration process.
In the IKE (Phase 1) Proposal section, select the following settings:
Group 2 from the DH Group menu.
3DES from the Encryption menu
SHA1 from the Authentication menu
Leave the default setting, 28800, in the Life Time (secs) field. This setting forces the tunnel to
renegotiate and exchange keys every 8 hours.
In the IPSec (Phase 2) Proposal section, select the following settings:
ESP from the Protocol menu
3DES from the Encryption menu
MD5 from the Authentication menu
Select Enable Perfect Forward Secrecy if you want an additional Diffie-Hellman key exchange as
an added layer of security. Then select Group 2 from the DH Group menu.
VPN Page 99
Advertisement
Table of Contents
