Robustel R5020 User Guide
RT_UG_R5020_v.1.0.2 Mar. 17, 2023 93/167
The window is displayed as below when choosing “xAuth CA” as the authentication type.
Select from “IKEv1” and “IKEv2”.
Select from “Main” and “Aggressive” for the IKE negotiation mode in phase 1.
If the IP address of one end of an IPsec tunnel is obtained dynamically, the IKE
negotiation mode must be aggressive. In this case, SAs can be established as
long as the username and password are correct.
Select from “MD5”, “SHA1”, “SHA2 256” or “SHA2 512” to be used in IKE
negotiation.
Select from “3DES”, “AES128”, “AES192”and “AES256”to be used in IKE
negotiation.
3DES: Use 168-bit 3DES encryption algorithm in CBC mode
AES128: Use 128-bit AES encryption algorithm in CBC mode
AES128: Use 192-bit AES encryption algorithm in CBC mode
AES256: Use 256-bit AES encryption algorithm in CBC mode
Select from “DHgroup1”,“DHgroup2”, “DHgroup5”, “DHgroup14”,
“DHgroup15”, “DHgroup16”, “DHgroup17” or “DHgroup18” to be used in key
negotiation phase 1.
Select from “PSK”, “CA”, “xAuth PSK” and “xAuth CA” to be used in IKE
negotiation.
PSK: Pre-shared Key
CA: Certification Authority
xAuth: Extended Authentication to AAA server
Enter the pre-shared key.
Select from “Default”, “FQDN” and “User FQDN” for IKE negotiation.
Default: Uses an IP address as the ID in IKE negotiation
FQDN: Uses an FQDN type as the ID in IKE negotiation. If this option is
selected, type a name without any at sign (@) for the local security
router, e.g., test.robustel.com
To Next Page
Loading...
