SmartFlex
Continued from previous page
Item Description
IKE Algorithm Specifies the means by which the router selects the algorithm:
• auto – The encryption and hash algorithm are selected au-
tomatically.
• manual – The encryption and hash algorithm are defined
by the user.
IKE Encryption Encryption algor ithm – 3DES, AES128, AES192, AES256.
IKE Hash Hash algorithm – MD5, SHA1, SHA256, SHA384 or SHA512.
IKE DH Group Specifies the Diffie-Hellman groups which determine the strength
of the key used in the key exchange process. Higher group num-
bers are more secure, but require more time to compute the key.
ESP Algorithm Specifies the means by which the router selects the algorithm:
• auto – The encryption and hash algorithm are selected au-
tomatically.
• manual – The encryption and hash algorithm are defined
by the user.
ESP Encryption Encryption algorithm – DES, 3DES, AES128, AES192, AES256.
ESP Hash Hash algorithm – MD5, SHA1, SHA256, SHA384 or SHA512.
PFS Enables/disables the Perfect Forward Secrecy function. The
function ensures that derived session keys are not compromised
if one of the private keys is compromised in the future.
PFS DH Group Specifies the Dif fie-Hellman group number (see IKE DH Group).
Key Lifetime Lifetime key data part of tunnel. The minimum value of this pa-
rameter is 60 s. The maximum value is 86400 s.
IKE Lifetime Lifetime key service part of tunnel. The minimum value of this
parameter is 60 s. The maximum value is 86400 s.
Rekey Margin Specifies how long before a connection expires that the router
attempts to negotiate a replacement. Specify a maximum value
that is less than half of IKE and Key Lifetime parameters.
Rekey Fuzz Percentage of time for the Rekey Margin extension.
DPD Delay Time after which the IPsec tunnel functionality is tested.
DPD Timeout The period during which device waits for a response.
Continued on next page
81
To Next Page
Loading...
Need help?
General