Configuring Access Point Security
6-49
IKE Authentication
Mode
Select the appropriate IKE authentication mode:
• Pre-Shared Key (PSK) - Specify an authenticating algorithm
and passcode used during authentication.
• RSA Certificates - Select this option to use RSA certificates
for authentication purposes. See the CA Certificates and Self
certificates screens to create and import certificates into the
system.
IKE Authentication
Algorithm
IKE provides data authentication and anti-replay services for the
VPN tunnel. Select an authentication methods from the drop-down
menu.
• MD5 - Enables the Message Digest 5 algorithm. No keys are
required to be manually provided.
• SHA1 - Enables Secure Hash Algorithm. No keys are
required to be manually provided.
IKE Authentication
Passphrase
If you selected Pre-Shared Key as the authentication mode, you
must provide a passphrase.
IKE Encryption
Algorithm
Select the encryption and authentication algorithms for the VPN
tunnel from the drop-down menu.
• DES - Uses the DES encryption algorithm. No keys are
required to be manually provided.
• 3DES - Enables the 3DES encryption algorithm. No keys are
required to be manually provided.
• AES 128-bit - Uses the Advanced Encryption Standard
algorithm with 128-bit. No keys are required to be manually
provided.
• AES 192-bit - Enables the Advanced Encryption Standard
algorithm with 192-bit. No keys are required to be manually
provided.
• AES 256-bit - Uses the Advanced Encryption Standard
algorithm with 256-bit. No keys are required to be manually
provided.
Key Lifetime The number of seconds the key is valid. At the end of the lifetime,
the key is renegotiated.
The access point forces renegotiation every 3600 seconds. There is
no way to change the renegotiation value. If the IKE Lifetime is
greater than 3600, the keys still get renegotiated every 3600
seconds.
To Next Page
Loading...
