Defining an IKE Policy
Firebox Vclass User Guide 307
When an automatic key is configured in an IPSec action,
authentication and encryption must be selected. These
keys are created by the administrator. Using a manual key
provides more flexibility regarding which authentication
methods and encryption algorithms are used.
This flexibility is expressed in the form of proposals incor-
porated into the IPSec action. For example, one proposal
may use ESP with 3DES for encryption and SHA for
authentication. A second proposal may use ESP with DES
for encryption and AH with MD5 for authentication. When
a Firebox Vclass appliance negotiates with another appli-
ance to select an automatic key, the initiating appliance
sends a list of proposals to the other appliance, starting a
negotiation process at the end of which a protocol and
algorithm are chosen and used.
N
OTE
You must activate your LiveSecurity Service to enable 3DES
encryption. To activate your LiveSecurity Service, go to:
http:\\www.watchguard.com\activate
For more information on LiveSecurity Service, see “Service
and Support” on page 9.
Defining an IKE Policy
To define an IKE policy:
1 From the main Vcontroller window, click IKE Policy.
The IKE Policy dialog box appears.
To Next Page
Loading...
