Compatible Systems 5.4 manual IKE Policy, VPN Client Tunnels 127 STEP/STAMP Encryption Secret

Models: 5.4


Chapter 7 - VPN Client Tunnels


STEP/STAMP Encryption Secret

This is a shared, long-term alphanumeric secret from 1 to 255 characters long. It is used to generate a series of short-term keys, which are used to encrypt and decrypt information to and from the user.

The same secret must be entered into the VPN client in order for encryption and decryption to succeed.

IKE Policy

This section is used to set the Internet Security Association and Key Management Protocol/Internet Key Exchange (ISAKMP/IKE) parameters. These settings control how the IntraPort server and client will identify and authenticate each other. This initial negotiation is referred to as Phase 1.

IKE Policy Global Dialog Box

To access this dialog box, select Global/IKE Policy from the Device View.

The parameters set in this dialog box are global to the device and are not associated with a particular interface. These parameters specify a protection suite for the IKE negotiation between the IntraPort server and client. There are pieces to the IKE protection suite.

1. The first piece of each option is the authentication algorithm to be used for the negotiation. MD5 is the message-digest 5 hash algorithm. SHA is the Secure Hash Algorithm, which is considered to be somewhat more secure than MD5.
