The authentication method determines how the Encapsulating Security Payload Protocol
(ESP) header packets are validated. The MD5 is a one-way hashing algorithm that
produces a 128-bit digest. The SHA1 is a one-way hashing algorithm that produces a
160-bit digest. The SHA1 is recommended because it is more secure. Make sure that
both ends of the VPN tunnel use the same authentication method. Select an
authentication (MD5, SHA1 or SHA2-256).
Authentication
Amount of time an IKE SA is active in this phase (Range 120 to 86400, Default 28800).SA Lifetime (Sec)
Pre-shared key to use to authenticate the remote IKE peer. You can enter up to 30
keyboard characters or hexadecimal values, such as My_@123 or 4d795f40313233.
Both ends of the VPN tunnel must use the same Pre-shared Key.
We recommend that you change the Pre-shared Key periodically to maximize VPN
security.
Pre-Shared Key
Phase 2 Options
Select a protocol from the drop-down list.
• AH: Select this for data integrity in situations where data is not secret but must
be authenticated.
• ESP: Select ESP for data encryption and enter the encryption.
Protocol Selection
Select an encryption (3DES, AES-128, AES-192, or AES-256) from the drop-down
list. Method determines the algorithm used to encrypt or decrypt ESP/ISAKMP packets.
Encryption
Select an authentication (MD5, SHA1, or SHA2-256).Authentication
Amount of time a VPN tunnel (IPSec SA) is active in this phase. The default value for
Phase 2 is 3600 seconds.
SA Lifetime (Sec)
Provide a name for the new profile.Save as a new profile
When Perfect Forward Secrecy (PFS) is enabled, IKE Phase 2 negotiation generates
new key material for IPSec traffic encryption and authentication. Perfect Forward
Secrecy is used to improve the security of communications transmitted across the
Internet using public key cryptography. Check the box to enable this feature, or uncheck
the box to disable this feature. This feature is recommended. Enter lifetime in seconds.
Perfect Forward Secrecy
(PFS)
Step 11 Click Next to see the summary of all configurations.
Step 12 Click Submit.
IPSec VPN
Internet Protocol Security (IPSec) is a set of protocols which sit on top of the Internet Protocol (IP) layer.
This allows for two or more hosts to communicate in a secure manner by authenticating and encrypting each
IP packet of data.
The most common use of the IPSec protocol is to provide a Virtual Private Networking (VPN) service. A
VPN is a virtual network that is built on top of existing physical networks. VPNs provide a secure
RV260x Administration Guide
91
VPN
IPSec VPN
To Next Page
Loading...
Need help?
General
