Version 5.8 89 September 2009
SIP User's Manual 3. Web-Based Management
If no IKE methods are defined (Encryption / Authentication / DH Group), the default settings
(shown in the following table) are applied.
Table 3-14: Default IKE First Phase Proposals
Proposal Encryption Authentication DH Group
Proposal 0
3DES SHA1 1024
Proposal 1
3DES MD5 1024
Proposal 2
3DES SHA1 786
Proposal 3
3DES MD5 786
The parameters described in the following table are used to configure the first phase (main
mode) of the IKE negotiation for a specific peer. A different set of parameters can be
configured for each of the 20 available peers.
Table 3-15: IKE Table Configuration Parameters
Parameter Name Description
Authentication Method
[IkePolicyAuthenticationMethod]
Determines the authentication method for IKE.
[0] Pre-shared Key (default)
[1] RSA Signature
Notes:
For pre-shared key authentication, peers participating in
an IKE exchange must have a prior (out-of-band)
knowledge of the common key (see
IKEPolicySharedKey parameter).
For RSA signature authentication, peers must be loaded
with a certificate signed by a common CA. For additional
information on certificates, refer to ''Server Certificate
Replacement'' on page 79.
Shared Key
[IKEPolicySharedKey]
Determines the pre-shared key (in textual format). Both
peers must register the same pre-shared key for the
authentication process to succeed.
Notes:
The pre-shared key forms the basis of IPSec security
and should therefore, be handled cautiously (in the
same way as sensitive passwords). It is not
recommended to use the same pre-shared key for
several connections.
Since the ini file is in plain text format, loading it to the
device over a secure network connection is
recommended, preferably over a direct crossed-cable
connection from a management PC. For added
confidentiality, use the encoded ini file option (described
in ''Secured Encoded ini File'' on page 189).
After it is configured, the value of the pre-shared key
cannot be obtained via Web interface, ini file, or SNMP
(refer the Product Reference Manual).
To Next Page
Loading...
