Parameter Possible values Actual value
— DH Group
• 1
• 2
• 5
• 14
— Lifetime seconds
• 60 to 86,400 default: 86,400 (1
day)
b.) VPN IPSEC (Data) Phase 2 Parameters
— Encryption
• esp-des
• esp-3des
• esp-aes
• esp-aes-192
• esp-aes-256
— Authentication Hash
• esp-sha-hmac
• esp-md5-hmac
— IP compression
• enable (comp-lzs)
• disable
— PFS Group
• no pfs (default)
• 1
• 2
• 5
• 14
— Lifetime seconds
• 120 to 86,400 default: 3,600 (1
hour)
— Lifetime kilobytes
• 2,560 to 536,870,912 default:
4,608,000 kb
• disable
5. Which packets should be secured
a. Protect rules matching options
• IP source address
• IP destination address
b. Bypass rules matching options
• IP source address
• IP destination address
IPSec VPN
Administering Avaya G430 Branch Gateway October 2013 549
To Next Page
Loading...
