set vpn

 

 

authentication={nonemd5sha1}

 

The authentication algorithm used in authenticating clients.

 

none

 

No authentication. No authentication can be used to save time and

 

CPU cycles. It is not as secure, but the peers were authenticated in

 

phase 1.

 

md5

 

MD5 authentication, which uses 128-bit keys.

 

sha1

 

SHA1 authentication, which uses 160-bit keys.

 

encryption={nonedes3desaes}

 

The encryption algorithm used for encrypting data.

 

none

 

No encryption is used. One use of IPsec is to tie to private networks

 

together. If security is not a major concern, encryption can be

 

disabled to save on processing and overhead.

 

des

 

DES encryption, which uses 64-bit keys.

 

3des

 

3-DES encryption, which uses 192-bit keys.

 

aes

 

AES encryption, which uses either 128-bit, 192-bit, or 256-bit keys

 

depending on the negotiated security settings.

 

sa_lifetime=60-2^32

 

Determines how long a Security Association (SA) policy is active, in

 

seconds. After the SA has been negotiated, the SA lifetime begins.

 

Once the lifetime has completed, a new set of SA policies are

 

negotiated with the remote VPN endpoint.

 

sa_lifetime_data=(0 - 2^32) (kilobytes)

 

The amount of data, in bytes or kilobytes, that is sent and received until

 

the SA is renegotiated. This value is analogous to the SA lifetime. Also

 

known as SA life size.

See also

"display" on page 27. The “display sadb,” “display sp,” and “display vpn”

 

commands display VPN-related connection and status information.

 

"revert" on page 61. The “revert vpn” options revert groups of VPN

 

settings, or all VPN settings.

 

"show" on page 249.

 

"vpn" on page 256. The “vpn” command is used to manage and display

 

the status of VPN tunnels.

 

• The VPN settings in the Web user interface (Network > Virtual Private

 

Network (VPN) Settings) and the online help for these settings.

 

• The Digi Cellular Family User’s Guide section titled “Virtual Private

 

Network (VPN) Settings.”

240

Chapter 2 Command Descriptions

Page 240
Image 240
Digi 90000566_H Authentication=nonemd5sha1, Encryption=nonedes3desaes, Salifetime=60-232, Salifetimedata=0 232 kilobytes