VPN
Gateway to Gateway
88 Cisco RV320/RV325 Administration Guide
8
• Perfect Forward Secrecy—When Perfect Forward Secrecy (PFS) is
enabled, IKE Phase 2 negotiation generates new key material for IP traffic
encryption and authentication, so hackers using brute force to break
encryption keys will not be able to obtain future IPsec keys. Check the box
to enable this feature, or uncheck the box to disable this feature. This feature
is recommended.
• Preshared Key—Preshared key to use to authenticate the remote IKE peer.
You can enter up to 30 keyboard characters or hexadecimal values, such as
My_@123 or 4d795f40313233 (' ' " \ are not supported). Both ends of the
VPN tunnel must use the same Preshared Key. It is strongly recommended
that you change the Preshared Key periodically to maximize VPN security.
• Minimum Preshared Key Complexity—Check the Enable box to enable
the Preshared Key Strength Meter.
• Preshared Key Strength Meter—When you enable Minimum Preshared
Key Complexity, this meter indicates the preshared key strength. As you
enter a preshared key, colored bars appear. The scale goes from red (weak)
to yellow (acceptable) to green (strong).
TIP Enter a complex preshared key that includes more than eight characters,
upper- and lowercase letters, numbers, and symbols such as -*^+=.
To Next Page
Loading...
