Configuring VPN
Configuring Site-to-Site IPsec VPN Advanced Parameters
Cisco RV130/RV130W Wireless Multifunction VPN Router Administration Guide 104
6
- DES—8 characters
- 3DES—24 characters
- AES-128—16 characters
- AES-192—24 characters
- AES-256—32 characters
• Manual Integrity Algorithm—Select the algorithm used to verify the
integrity of the data.
• Key-In, Key Out—Enter the integrity key (for ESP with Integrity-mode) for
the inbound and outbound policy. The length of the key depends on the
algorithm chosen:
- MD5—16 characters
- SHA-1—20 characters
- SHA2-256—32 characters
STEP 5 For an Auto policy type, enter the settings in the Auto Policy Parameters section.
• SA-Lifetime—Enter the duration of the Security Association in seconds.
After the specified number of seconds, the Security Association is
renegotiated. The default value is 3600 seconds. The minimum value is 300
seconds.
• Encryption Algorithm—Select the algorithm used to encrypt the data.
• Integrity Algorithm—Select the algorithm used to verify the integrity of the
data.
• PFS Key Group—Check the Enable box to enable Perfect Forward Secrecy
(PFS) to improve security. While slower, this protocol helps to prevent
eavesdroppers by ensuring that a Diffie-Hellman exchange is performed for
every phase-2 negotiation.
• DH Group—Specify the DH Group algorithm used when exchanging a pre-
shared key. The DH Group sets the strength of the algorithm in bits. Ensure
that the DH Group is configured identically on both sides of the IKE policy.
• Select IKE Policy—Choose the IKE policy that will define the
characteristics of the SA negotiation.
STEP 6 Click Save.
To Next Page
Loading...
