Configure Security

 

Section

Field Description

 

 

Key

Select one of the following options for the key exchange method:

 

(continued)Management

Auto (IKE)

 

 

 

Encryption: The Encryption method determines the length of the key used

 

 

 

to encrypt/decrypt ESP packets. Notice that both sides must use the same

 

 

 

method.

 

 

 

Authentication: The Authentication method authenticates the

 

 

 

Encapsulating Security Payload (ESP) packets. Select MD5 or SHA. Notice

 

 

 

that both sides (VPN endpoints) must use the same method.

 

 

 

MD5: A one-way hashing algorithm that produces a 128-bit digest

 

 

 

SHA: A one-way hashing algorithm that produces a 160-bit digest

 

 

 

Perfect Forward Secrecy (PFS): If PFS is enabled, IKE Phase 2 negotiation

 

 

 

will generate new key material for IP traffic encryption and authentication.

 

 

 

Note that both sides must have PFS enabled.

 

 

 

Pre-Shared Key: IKE uses the Pre-Shared Key to authenticate the remote

 

 

 

IKE peer. Both character and hexadecimal values are acceptable in this

 

 

 

field, e.g., "My_@123" or "0x4d795f40313233". Note that both sides must use

 

 

 

the same Pre-Shared Key.

 

 

 

Key Lifetime: This field specifies the lifetime of the IKE generated key. If

 

 

 

the time expires, a new key will be renegotiated automatically. The Key

 

 

 

Lifetime may range from 300 to 100,000,000 seconds. The default lifetime is

 

 

 

3600 seconds.

 

 

Manual

 

 

 

Encryption: The Encryption method determines the length of the key used

 

 

 

to encrypt/decrypt ESP packets. Notice that both sides must use the same

 

 

 

method.

 

 

 

Encryption Key: This field specifies a key used to encrypt and decrypt IP

 

 

 

traffic. Both character and hexadecimal values are acceptable in this field.

 

 

 

Note that both sides must use the same Encryption Key.

 

 

 

Authentication: The Authentication method authenticates the

 

 

 

Encapsulating Security Payload (ESP) packets. Select MD5 or SHA. Notice

 

 

 

that both sides (VPN endpoints) must use the same method.

 

 

 

MD5: A one-way hashing algorithm that produces a 128-bit digest

 

 

 

SHA: A one-way hashing algorithm that produces a 160-bit digest

 

 

 

Authentication Key: This field specifies a key used to authenticate IP

 

 

 

traffic. Both character and hexadecimal values are acceptable in this field.

 

 

 

Note that both sides must use the same Authentication Key.

 

 

 

Inbound SPI/Outbound SPI: The Security Parameter Index (SPI) is carried

 

 

 

in the ESP header. This enables the receiver to select the SA, under which a

 

 

 

packet should be processed. The SPI is a 32-bit value. Both decimal and

 

 

 

hexadecimal values are acceptable. e.g., "987654321" or "0x3ade68b1". Each

 

 

 

tunnel must have a unique Inbound SPI and Outbound SPI. No two tunnels

 

 

 

share the same SPI. Note that the Inbound SPI must match the remote

 

 

 

gateway's Outbound SPI, and vice versa.

 

 

 

 

 

4021196 Rev B

 

57

Page 57
Image 57
Cisco Systems EPC3825, DPC3825, 4034441, 4034138 important safety instructions Section Field Description Key, Auto IKE, Manual

4034138, EPC3825, 4034441, DPC3825 specifications

Cisco Systems has long been a pioneer in networking technologies, and the DPC3825, EPC3825 models are prime examples of its commitment to providing reliable and advanced solutions for consumers and businesses alike. These models are equipped with features that cater to a variety of networking needs, making them ideal for both residential and small business environments.

At the heart of the Cisco DPC3825 and EPC3825 is a powerful DOCSIS 3.0 cable modem that supports multiple downstream and upstream channels, allowing for high-speed internet connectivity. This capability enhances the overall bandwidth management, enabling multiple users to enjoy seamless internet access. With download speeds of up to 600 Mbps and upload speeds reaching 120 Mbps, these devices ensure that high-definition streaming, online gaming, and video conferencing can occur without interruptions.

One key feature of these models is their integrated Wi-Fi capabilities. Utilizing dual-band wireless technology, the DPC3825 and EPC3825 can operate on both 2.4GHz and 5GHz bands, providing greater flexibility and reduced interference. This setup allows users to connect a range of devices, from smartphones and tablets to smart home equipment, without compromising on performance.

Security is a priority in today’s online landscape, and Cisco has incorporated advanced security measures into these models. They come equipped with robust firewalls, encryption protocols, and support for various authentication methods, ensuring that users’ data remains safe from unauthorized access. Moreover, the user-friendly web interface allows for easy network management and configuration, enabling users to customize their settings according to their specific needs.

The DPC3825 and EPC3825 are also designed with energy efficiency in mind. The devices consume minimal power while still delivering robust performance, contributing to lower electricity bills and a reduced environmental footprint. Their compact design allows for easy placement in any home or office environment, making them unobtrusive yet effective.

Furthermore, these models offer features like Quality of Service (QoS), which prioritizes bandwidth for high-priority applications such as video streaming and VoIP calls. This ensures that all activities on the network operate smoothly, even during peak usage times.

In summary, Cisco's DPC3825 and EPC3825 cable modems exemplify high performance, security, and energy efficiency. With their advanced features and technologies, they cater to the evolving needs of users, making them a preferred choice for reliable internet connectivity in homes and small businesses.