e
e
mode that will be used for IPSec Perfect
Forward Security (PFS). The choices are
Disabled, Group 1, and Group 2. Group 1
uses 768-bit encryption, and Group 2 uses
1024-bit encryption. You must use exactly th
same PFS encryption mode on both ends of th
VPN tunnel.
This drop-down menu allows you to select the
level of encryption that will be applied to
packets
IPSec Operation
that are sent between the two endpoints
of a VPN tunnel.
ESP − specifies that the entire packet will be
encrypted (by the DES or 3DES algorithm, as
selected below) and authenticated (by the MD5
or SHA algorithm, as selected below).
entication
ted, the data
AH − specifies that only the auth
algorithm (MD5 or SHA, as selected below)
will be used. When AH is selec
portion of packets sent between the two
endpoints of a VPN tunnel will not be
encrypted.
IPSec Life Duration This is similar to the IK
described above. It is the duration, in seconds,
of the phase 2 key, after the tunnel is
established. When this time
peers will trigger the phase 2 negotiation to set
up a new phase 2 key and rebuild the tunnel.
E Life Duration,
has past, the two