AudioCodes MediaPack MP-118

To Next Page

To Previous Page

Version 6.6 141 MP-11x & MP-124

User's Manual 12. Security

Parameter Name Description

Certificate' on page 95.

Shared Key

[IPsecSATable_SharedKey]

Defines the pre-shared key (in textual format). Both peers

must use the same pre-shared key for the authentication

process to succeed.

Notes:

 This parameter is applicable only if the Authentication

Method parameter is set to pre-shared key.

 The pre-shared key forms the basis of IPSec security and

therefore, it should be handled with care (the same as

sensitive passwords). It is not recommended to use the

same pre-shared key for several connections.

 Since the ini file is plain text, loading it to the device over

a secure network connection is recommended. Use a

secure transport such as HTTPS, or a direct crossed-

cable connection from a management PC.

 After it is configured, the value of the pre-shared key

cannot be retrieved.

Source Port

[IPsecSATable_SourcePort]

Defines the source port to which this configuration applies.

The default is 0 (i.e., any port).

Destination Port

[IPsecSATable_DestPort]

Defines the destination port to which this configuration

applies.

The default is 0 (i.e., any port).

Protocol

[IPsecSATable_Protocol]

Defines the protocol type to which this configuration applies.

Standard IP protocol numbers, as defined by the Internet

Assigned Numbers Authority (IANA) should be used, for

example:

 0 = Any protocol (default)

 17 = UDP

 6 = TCP

IKE SA Lifetime

[IPsecSATable_Phase1SaLifetimeIn

Sec]

Defines the duration (in seconds) for which the negotiated

IKE SA (Main mode) is valid. After this time expires, the SA

is re-negotiated.

The default is 0 (i.e., unlimited).

Note: Main mode negotiation is a processor-intensive

operation; for best performance, do not set this parameter to

less than 28,800 (i.e., eight hours).

IPSec SA Lifetime (sec)

[IPsecSATable_Phase2SaLifetimeIn

Sec]

Defines the duration (in seconds) for which the negotiated

IPSec SA (Quick mode) is valid. After this time expires, the

SA is re-negotiated.

The default is 0 (i.e., unlimited).

Note: For best performance, a value of 3,600 (i.e., one hour)

or more is recommended.

IPSec SA Lifetime (Kbs)

[IPsecSATable_Phase2SaLifetimeIn

KB]

Defines the maximum volume of traffic (in kilobytes) for

which the negotiated IPSec SA (Quick mode) is valid. After

this specified volume is reached, the SA is re-negotiated.

The default is 0 (i.e., the value is ignored).

Dead Peer Detection Mode

[IPsecSATable_DPDmode]

Defines dead peer detection (DPD), according to RFC 3706.

 [0] DPD Disabled (default)

AudioCodes MediaPack MP-118

Table of Contents

Other manuals for AudioCodes MediaPack MP-118

Related product manuals