Web reference IPsec Tunnels page
Digi TransPort WR Routers User Guide
308
Encryption options
Option Description
ESP
encryption
Selects the ESP encryption type for IPsec tunnel. Select multiple values of aes128,
aes192 and aes256. The default is aes128.
ESP
authentication
Selects the Encapsulating Security Payload (ESP) authentication type used for the
IPsec tunnel. Select multiple values of sha1 and sha256. The default value sha1.
ESP Diffie
Hellman group
Selects the Encapsulating Security Payload (ESP) Diffie-Hellman group used for
the IPsec tunnel. Select multiple values of none, group5, group14, group15 and
group16. The default is group14.
Negotiation options
Option Description
Internet Key
Exchange
(IKE)
Selects the Internet Key Exchange (IKE) version to use for this IPsec tunnel. The
default is 1.
IKE
negotiation
mode
Selects the IKEv1 mode to use for this IPsec tunnel: main or aggressive. The
default is main.
IKE encryption
Selects the IKE encryption type for this IPsec tunnel. Select multiple values of
aes128, aes192 and aes256. The default is aes128.
IKE
authentication
Selects the IKE authentication type for this IPsec tunnel: sha1 or sha256. The
default is sha1.
IKE Diffie
Hellman group
Selects the IKE Diffie-Hellman group for this IPsec tunnel. Diffie-Hellman is a
public-key cryptography protocol for establishing a shared secret over an insecure
communications channel. Diffie-Hellman is used with Internet Key Exchange (IKE)
to establish the session keys that create a secure channel.
Select multiple values of group5, group14, group15 and group16. The default is
group14.
Lifetime options
Option Description
IPsec tunnel lifetime before renegotiation
Time threshold
max (seconds)
Specifies the timeout, in seconds, for dead peer detection. Enter an integer
from 1 to 3600. The default value is 3600.
Data threshold max
(bytes)
Specifies the dead peer detection transmit delay. Enter an integer from 1 to
3600. The default value is 0.
To Next Page
Loading...
