Group Description Attribute: Select the Diffie-Hellman (DH) group
description(s). Diffie-Hellman is a public-key cryptography scheme that
allows two parties to establish a shared secret over an insecure
communications channel.
♦ IPSec Automatic Phase 2 – Key Definition:
Figure 47-48: IPSec Tab - IPSec Automatic Phase 2
Life Time in Seconds: The length of time before a security association
automatically performs renegotiation.
Use Perfect Forward Secrecy (PFS): Select whether Perfect Forward
Secrecy of keys is required on the connection's keying channel (with
PFS, penetration of the key-exchange protocol does not compromise
keys negotiated earlier). Deselecting this option hides the next
parameter.
- Group Description Attribute: Select whether to use the same group
chosen in phase 1, or reselect specific groups.
Encryption Algorithm: Select the encryption algorithms that the device
attempts to use when negotiating with the IPSec peer.
Authentication Algorithm (for ESP protocol): Select the
authentication algorithms that the device attempts to use when
negotiating with the IPSec peer.
Hash Algorithm (for AH protocol): Select the hash algorithms that the
device attempts to use when negotiating with the IPSec peer.
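Added example (not taken from this manual or from the device's software): a Python sketch of what the Use Perfect Forward Secrecy option changes, following the Phase 2 (Quick Mode) key derivation in RFC 2409 section 5.5. The toy DH group, the simplified SKEYID_d derivation and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

P = 2**127 - 1      # toy modulus (a Mersenne prime); far too small for real use
G = 3               # toy generator
PROTO_ESP = 3       # IPsec DOI protocol ID for ESP (RFC 2407)

def dh_keypair():
    """Return (private, public) for one ephemeral Diffie-Hellman exchange."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def keymat(skeyid_d, spi, ni, nr, dh_shared=None):
    """RFC 2409 sec. 5.5: prf(SKEYID_d, [g(qm)^xy |] protocol | SPI | Ni_b | Nr_b)."""
    fresh = dh_shared.to_bytes(16, "big") if dh_shared is not None else b""
    return prf(skeyid_d, fresh + bytes([PROTO_ESP]) + spi + ni + nr)

def negotiate(pfs):
    """Simulate Phase 1 then Phase 2; return (keymat, skeyid_d, wire values)."""
    a, pub_a = dh_keypair()
    b, pub_b = dh_keypair()
    # Simplified stand-in (assumption) for the Phase 1 derivation of SKEYID_d.
    skeyid_d = prf(b"phase1", pow(pub_b, a, P).to_bytes(16, "big"))
    # Constructed Phase 2 values: the SPI and both nonces travel inside the Phase 1 channel.
    wire = {"spi": secrets.token_bytes(4),
            "ni": secrets.token_bytes(16),
            "nr": secrets.token_bytes(16)}
    shared = None
    if pfs:
        x, pub_x = dh_keypair()
        y, pub_y = dh_keypair()
        shared = pow(pub_y, x, P)        # never sent; only pub_x and pub_y are
        wire["ke"] = (pub_x, pub_y)
    return keymat(skeyid_d, wire["spi"], wire["ni"], wire["nr"], shared), skeyid_d, wire

def derivable_from_phase1(skeyid_d, wire):
    """Key material computable from the Phase 1 secret plus the wire values alone."""
    return keymat(skeyid_d, wire["spi"], wire["ni"], wire["nr"])

if __name__ == "__main__":
    for pfs in (False, True):
        k, s, w = negotiate(pfs)
        match = derivable_from_phase1(s, w) == k
        print(f"PFS={pfs}: Phase 2 keys follow from the Phase 1 secret alone: {match}")
```

Without PFS the Phase 2 keys depend only on the Phase 1 secret and values carried in the negotiation; with PFS each Phase 2 negotiation mixes in a fresh DH secret, which is why the Group Description Attribute is only offered when the option is selected.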
♦ Manual key definition:
Figure 47-49: IPSec Tab - IPSec Manual