MDS 05-6632A01, Rev. F MDS Orbit MCR/ECR Technical Manual 255
NOTE Orbit supports 3DES (Triple Digital Encryption Standard), and 128-bit, 192-bit, and 256-bit
AES (Advanced Encryption Standard) encryption. When using AES encryption, CBC (Cipher
Block Chaining), CTR(Counter), CCM 8, CCM 12, and CCM 16 (Counter with CBC-MAC),
and GCM 8, GCM 12, and GCM 16 (Galois/Counter Mode) modes of operation are available.
MAC algorithm – SHA-1 HMAC, SHA-256 HMAC, SHA-384 HMAC, SHA-512 HMAC.
Orbit supports HMAC (Hash-based Message Authentication Code), using either SHA-1(Secure Hash
Algorithm), or 256-, 384-, or 512-bit SHA-2.
DH Group – DH-1, DH-2, DH-5, DH-14, DH-15
The DH Group setting determines the strength of the key in the Diffie-Hellman key exchange. Higher
groups include more bits and are thus more secure, but require more time to complete the key
exchange. For phase-2 ciphersuite configuration, DH group is optional. It needs to be configured only
if perfect forward secrecy (PFS) is desired.
The local and remote subnets should also match those configured on the peer.
Local IP Subnet – The local IP subnet behind Orbit.
Remote IP Subnet – The remote IP subnet behind the peer IPsec VPN router.
Click Next to continue. The next screen requires one to select the interface over which this connection
will be established. This is almost always the Cell interface.
Click Next to continue. The next screen provides some general information.
Click Next to continue. The next screen lists all the changes that have been made by this wizard. Click
Submit to commit these changes on Orbit.
To Next Page
Loading...
Need help?
General
