Chapter 4 Quick Setup Wizards
USG20(W)-VPN Series User’s Guide
77
• Encryption Algorithm: This displays the encryption method used. The longer the key, the
higher the security, the lower the throughput (possibly).
• DES uses a 56-bit key.
• 3DES uses a 168-bit key.
• AES128 uses a 128-bit key
• AES192 uses a 192-bit key
• AES256 uses a 256-bit key.
• Authentication Algorithm: This displays the authentication algorithm used. The stronger the
algorithm, the slower it is.
• MD5 gives minimal security.
• SHA1 gives higher security
• SHA256 gives the highest security.
• Key Group: This displays the Diffie-Hellman (DH) key group used. DH5 is more secure than
DH1 or DH2 (although it may affect throughput).
• DH1 uses a 768 bit random number.
• DH2 uses a 1024 bit (1Kb) random number.
• DH5 uses a 1536 bit random number.
Phase 2
• Active Protocol: This displays ESP (compatible with NAT) or AH.
• Encapsulation: This displays Tunnel (compatible with NAT) or Transport.
• Encryption Algorithm: This displays the encryption method used. The longer the key, the
higher the security, the lower the throughput (possibly).
• DES uses a 56-bit key.
• 3DES uses a 168-bit key.
• AES128 uses a 128-bit key
• AES192 uses a 192-bit key
• AES256 uses a 256-bit key.
• Null uses no encryption.
• Authentication Algorithm: This displays the authentication algorithm used. The stronger the
algorithm, the slower it is.
• MD5 gives minimal security.
• SHA1 gives higher security
•
SHA256 gives the highest security..
The Configuration for Secure Gateway displays the configuration that the USG IPSec VPN Client
will get from the USG.
Click Save to save the VPN rule.
4.4.9 VPN Settings for Configuration Provisioning Advanced Wizard- Finish
Now the rule is configured on the USG. The Phase 1 rule settings appear in the VPN > IPSec VPN
> VPN Gateway screen and the Phase 2 rule settings appear in the VPN > IPSec VPN > VPN
To Next Page
Loading...
