Field Description
may change due to mathematical or cryptographic develop-
ments.
DH Group The Diffie-Hellman group defines the parameter set used as the
basis for the key calculation during phase 1. "MODP" as sup-
ported by bintec devices stands for "modular exponentiation".
Possible values:
• 1 (768-bit): During the Diffie-Hellman key calculation,
modular exponentiation at 768 bits is used to create the en-
cryption material.
• 2 (1024-bit): During the Diffie-Hellman key calculation,
modular exponentiation at 1024 bits is used to create the en-
cryption material.
• 5 (1536-bit): During the Diffie-Hellman key calculation,
modular exponentiation at 1536 bits is used to create the en-
cryption material.
Lifetime Create a lifetime for phase 1 keys.
As for RFC 2407, the default value is eight hours, which means
the key must be renewed once eight hours have elapsed.
The following options are available for defining the lifetime:
Entry in Seconds: Enter the lifetime for phase 1 key in seconds.
The value can be a whole number from 0 to 2147483647. The
default value is 14400.
Entry in KBytes: Enter the lifetime for phase 1 keys as amount
of data processed in KBytes. The value can be a whole number
from 0 to 2147483647. The default value is 0.
The standard value as per RFC is used 0 seconds and 0
Kbytes are entered.
Authentication Method Select the authentication method.
Possible values:
• Preshared Keys (default value): If you do not use certific-
ates for the authentication, you can select Preshared Keys.
These are configured during peer configuration in the IPSec
14 VPN Funkwerk Enterprise Communications GmbH
230 bintec W1002/W1002n/W2002/WIx040/WIx065
To Next Page
Loading...
