Figure 78: Ipsec Policy Configuration - D-Link DSR-250N User Manual

Unified Services Router

Figure 78: IPsec policy configuration

Once the tunnel type and endpoints of the tunnel are defined you can determine the
Phase 1 / Phase 2 negotiation to use for the tunnel. This is covered in the IPsec mode
setting, as the policy can be Manual or Auto. For Auto policies, the Internet Key
Exchange (IKE) protocol dynamically exchanges keys between two IPsec hosts. The
Phase 1 IKE parameters are used to define the tunnel's security association details.
The Phase 2 Auto policy parameters cover the security association lifetime and
encryption/authentication details of the phase 2 key negotiation.
115
User Manual