Enable Advanced Settings: Enable to configure 1
st
and 2
nd
phase information,
otherwise it
will automate negotiation according to opposite end
IKE Encryption: IKE phase encryption mode
IKE Integrity: IKE phase authentication algorithm
IKE Group type: DH exchange algorithm
IKE Lifetime: set IKE lifetime, current unit is hour, the default is 0
ESP Encryption: ESP encryption type
ESP Integrity: ESP authentication algorithm
ESP Key life: Set ESP key life, current unit is hour, the default is 0
IKE aggressive mode allowed: Allow “aggressive mode” connections – these are
faster, although less secure.
Perfect Forward Secrecy: Tick to enable PFS, non-tick to disable PFS
Authentication: choose use share encryption option or certificate authentication
option. To use X.509 certificates for client/server auth, you must crate/import
those certificates first, using the “Certificate Management” section of IPSec config.
To Next Page
Loading...
