Virtual Private Network > Connections
Virtual Private Network
RM GUI HiSecOS EAGLE20/30
Release
3.0
09/2015
239
DPD Timeout [s] Specifies the timeout, in seconds, that the local peer declares the remote
peer dead, if the remote peer unresponsive.
Possible values:
0..86400
(default setting:
120
)
The value 0 disables this feature. The default setting is 2 minutes and
the maximum setting is 24 hours.
Lifetime [s] Specifies the lifetime, in seconds, of the IKE security association between
two network devices to support secure communication. The device
establishes a security association after exchanging a set of pre-defined
keys.
Possible values:
300..86400
(default setting:
28800
)
The default setting is 8 hours and the maximum setting is 24 hours.
Parameters Meaning
IPSec/Data-Exchange
Key agreement Specifies which Diffie-Hellman key agreement algorithm the device uses for
establishing the IPsec-SA session key establishment.
Possible values:
any
With this value selected the device accepts every algorithm when
specified as the responder and various pre-defined algorithm when
specified as the initiator.
modp1024
(default setting)
The value represents an Rivest, Shamir, and Adleman (RSA) algorithm
with 1024 bits modulus. This value is Diffie-Hellman Group 2.
modp1536
The value represents an RSA with 1536 bits modulus which is Diffie-
Hellman Group 5.
modp2048
The value represents an RSA with 2048 bits modulus which is Diffie-
Hellman Group 14.
modp3072
The value represents an RSA with 3072 bits modulus which is Diffie-
Hellman Group 15.
modp4096
The value represents an RSA with 4096 bits modulus which is Diffie-
Hellman Group 16.
none
The value disables Perfect Forward Secrecy (PFS). With PFS enabled,
when a compromise of a single key occurs, then the integrity remains
for subsequently generated keys.
Parameters Meaning
To Next Page
Loading...