Configuring with Web Based Management
4.7 "Security" menu
SCALANCE SC-600 Web Based Management (WBM)
336 Configuration Manual, 10/2021, C79000-G8976-C475-03
• Key Derivation (PFS)
Select the required Diffie-Hellmann group (DH) from which a key will be generated.
Can only be selected if "Default Ciphers" is disabled.
The following DH groups are supported:
– None: For phase 2, no separate keys are exchanged. This means that Perfect
Forward Secrecy (PFS) is disabled.
– DH group 1
– DH group 2
– DH group 5
– DH group 14
– DH group 15
– DH group 16
– DH group 17
– DH group 18
Note
So that a VPN connection can be established, all devices need to use the same
settings or provide compatible key procedures.
• Lifetime [min]:
Enter a period in minutes to specify the lifetime of the agreed keys. When the time
expires, the key is renegotiated.
• Lifebytes
Enter the data limit in bytes that specifies the lifetime of the agreed key. When the
data limit is reached, the key is renegotiated.
• Protocol
Specify the protocol for which the VPN connection is valid e.g. UDP, TCP, ICMP. If the
setting is intended to apply to all protocols, enter "*".
To Next Page
Loading...
