44D-Link DSL-X1852E User Manual
Section 4 - Conguration
Pre-Shared Key: Enter a pre-shared key to authenticate a remote peer. Up to 16
characters including symbols can be entered. Both local and remote
device of the VPN tunnel must use the same pre-shared Key.
Perfect Forward
Secrecy:
Enable or disable Perfect Forward Secrecy. It uses public key
cryptography to improve the security of IPSec data communication.
NAT Traversal: Enable or disable NAT traversal for the negotiation of an IPSec VPN
connection. It allows IPsec VPN trac to pass if NAT is used on the
gateways.
Key Exchange Phase 1
Exchange Mode: Select Main, Aggressive or Base. In general, Aggressive mode is faster
than the Main mode but oers less protection against authentication
security. Unlike the Aggressive and Main Mode, the Base Mode can
transmit the key exchange information and authentication data
together .
Encryption
Algorithm:
Select encryption method as the algorithm for encrypting data
packets. The options are DES, 3DES, AES-128, AES-192 or AES-256.
Authentication
Algorithm:
The authentication algorithm validates data packets. Select MD5,
SHA1, or SHA256. Both local and remote device of the VPN tunnel
must use the same authentication algorithm. Both MD5 and SHA are
one-way hashing algorithm but produce dierent number of digest
bit.
Die-Hellman
Group:
The Die-Hellman key exchange protocol oers dierent prime key
lengths. Select 768, 1024, 1536, 2048, 3072, or 4096 bit.
Key Life Time: Enter the amount of time that a key is active in Phase 1. Then select
the unit: Seconds, Minutes or Hours.
Key Exchange Phase 2
To Next Page
Loading...
