Robustel GoRugged R3000 User Guide
RT_UG_R3000_v.4.0.0 27 March, 2017 77/136
Confidential
Select from “3DES”, “AES128” or “AES256” when you select “ESP” in
“Protocol”. Higher security means more complex implementation and lower
speed. DES is enough to meet general requirements. Use 3DES when high
confidentiality and security are required.
Select from “MD5”, “SHA1”, “SHA2 256” or “SHA2 512” to be used in SA
negotiation.
Select from “DHgroup2”, “DHgroup5”, “DHgroup14”, “DHgroup15”,
“DHgroup16”, “DHgroup17” or “DHgroup18” to be used in SA negotiation.
Set the IPsec SA lifetime. When negotiating to set up IPsec SAs, IKE uses the
smaller one between the lifetime set locally and the lifetime proposed by the
peer.
Set the interval after which DPD is triggered if no IPsec protected packets is
received from the peer. DPD is a Dead peer detection. DPD irregularly detects
dead IKE peers. When the local end sends an IPsec packet, DPD checks the
time the last IPsec packet was received from the peer. If the time exceeds the
DPD interval, it sends a DPD hello to the peer. If the local end receives no DPD
acknowledgment within the DPD packet retransmission interval, it retransmits
the DPD hello. If the local end still receives no DPD acknowledgment after
having made the maximum number of retransmission attempts, it considers
the peer already dead, and clears the IKE SA and the IPsec SAs based on the
IKE SA.
Set the timeout of DPD (Dead Peer Detection) packets.
Click the toggle button to enable/disable this option. Enable to compress the
inner headers of IP packets.
Add more PPP configuration options here, format: config-desc;config-desc,
e.g. protostack=netkey;plutodebug=none
To Next Page
Loading...
Need help?
General
