
CRADLEPOINT MBR1400 USER MANUAL Firmware ver. 3.4.1
∙Encryption: Used to encrypt messages sent and received by IPsec. o AES 128
o AES 256 o Blowfish o CAST o DES
o 3DES
∙Hash: Used to compare, authenticate, and validate that data across the VPN arrives in its intended form and to derive keys used by IPsec.
o MD5 o SHA1
o SHA2 256 o SHA2 384 o SHA2 512
∙DH Groups: The DH
o DH group 1:
o DH group 2:
o DH group 5:
In Phase 1, only one DH group can be selected while using Aggressive exchange mode.
By default, all the algorithms (encryption, hash, and DH groups) supported by the MBR1400 are checked, which means they are allowed for any given exchange. Deselect these options to limit which algorithms will be accepted. Be sure to check that the router (or similar device) at the other end of the tunnel has matching algorithms.
The algorithms are listed in order by priority. You can reorder this priority list by clicking and dragging algorithms up or down. Any selected algorithm may be used for IKE exchange, but the algorithms on the top of the list are more likely to be used more often.
© 2012 CRADLEPOINT, INC. | PLEASE VISIT HTTP://KNOWLEDGEBASE.CRADLEPOINT.COM/ FOR MORE HELP AND RESOURCES | PAGE 123 |