Adding and Editing VPN Sites
Chapter 16: Working with VPNs 521
Table 109: Security Methods Fields
In this field… Do this…
Phase 1
Security Methods Select the encryption and integrity algorithm to use for IKE negotiations:
• Automatic. The UTM-1 appliance automatically selects the best
security methods supported by the site. This is the default.
• A specific algorithm
Diffie-Hellman
group
Select the Diffie-Hellman group to use:
• Automatic. The UTM-1 appliance automatically selects a group.
This is the default.
• A specific group
A group with more bits ensures a stronger key but lowers performance.
Renegotiate every Type the interval in minutes between IKE Phase-1 key negotiations. This
is the IKE Phase-1 SA lifetime.
A shorter interval ensures higher security, but impacts heavily on
performance. Therefore, it is recommended to keep the SA lifetime
around its default value.
The default value is 1440 minutes (one day).
Phase 2
Security Methods Select the encryption and integrity algorithm to use for VPN traffic:
• Automatic. The UTM-1 appliance automatically selects the best
security methods supported by the site. This is the default.
• A specific algorithm
To Next Page
Loading...
