EasyManua.ls Logo

EnGenius ESR600 - SA (Security Association) Configuration

EnGenius ESR600
135 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
102
SA (Security Association)
IKE(InternetKeyExchange)isconguredintwonegotiations.
Phase1authenticatestheVPNClientstoeachotherby
conrmingthematchingPre-SharedKeywiththetwogateways.
IPSecisthePhase2oftheVPNprocess.
Manually conguring a VPN tunnel prole.
IKE (Phase 1) Proposal
Exchange:Clickthedrop-downmenutoselectthetypeof
exchange(MainMode,AggressiveMode).
DH Group:Clickthedrop-downmenutoselecttheDHgroup
(group1,group2,group5,group14).
Encryption: Clickthedrop-downmenutoselectthetypeof
encryption(DES,3DES,AES128,AES192,AES256).
Authentication: Clickthedrop-downmenutoselectthe
authenticationprotocol(MD5,SHA1).
Life Time: Enter the life time value for Phase 1. The life time
valueshouldbegreaterthanPhase2(IPSec).86400sec.(1day)
is a common default and is a normal value for Phase 1.
IPSec (Phase 2) Proposal
Protocol: Clickthedrop-downmenutoselecttheprotocoltype
(ESP,AH)
Encryption: Clickthedrop-downmenutoselectthetypeof
encryption(DES,3DES,AES128,AES192,AES256).
Authentication: Clickthedrop-downmenutoselectthe
authenticationprotocol(MD5,SHA1).
Perfect Forward Secrecy (PFS):SelectenabletoenablePFS.A
freshDHkeyisgeneratedduringIKEphaseIIandrenewedfor
eachkeyexchangetoeliminatedependenciesbetweenthe
keys.
DH Group: Clickthedrop-downmenutoselecttheDHgroup
(group1,group2,group5,group14).
Life Time: Enter the life time value for Phase 2. The life time
valueshouldbesmallerthanPhase1(IKE).3600sec.(1hour)
is a common value for Phase 2.
Apply: ClickApply to save the changes.
Cancel:ClickCancel to delete the changes.

Table of Contents

Related product manuals