Virtual Private Networking
• Down indicates that the tunnel is not being negotiated. This may be due to the following reasons:
    o IPSec is disabled.
    o The tunnel is disabled.
    o The tunnel could not be loaded due to misconfiguration.
• Negotiating Phase 1 indicates that IPSec is negotiating Phase 1 to establish the tunnel. Aggressive or Main mode packets (depending on tunnel configuration) are transmitted during this stage of the negotiation process.
• Negotiating Phase 2 indicates that IPSec is negotiating Phase 2 to establish the tunnel. Quick mode packets are transmitted during this stage of the negotiation process.
• Running indicates that the tunnel has been established.
Tunnels that use Manual Keying are in either a Down or Running state.
For tunnels that use Automatic Keying, further negotiation details can be seen by clicking
on the status. A window similar to the following is displayed.
Interfaces Loaded lists the CyberGuard SG appliance's interfaces which IPSec is using.
Phase 2 Ciphers Loaded lists the encryption ciphers that tunnels can be configured with
for Phase 2 negotiations. This includes DES, 3DES and AES.
Phase 2 Hashes Loaded lists the authentication hashes that tunnels can be configured
with for Phase 2 negotiations. This includes MD5 and SHA1 (otherwise known as SHA).
Phase 1 Ciphers Loaded lists the encryption ciphers that tunnels can be configured with
for Phase 1 negotiations. This includes DES, 3DES and AES.