Foundry AR-Series Router User Guide
Table 15.3: Authentication Algorithms
Authentication Algorithms for AH/ | Hash Size |
ESP |
|
|
|
| 96 bits |
|
|
96 bits | |
|
|
Table 15.4: | |
|
|
| Key Size |
Authentication |
|
|
|
Group 1 | 768 bits |
|
|
Group 2 | 1024 bits |
|
|
Group 5 | 1536 bits |
|
|
Foundry IKE and IPSec Defaults
To minimize configuration required by the user, default IKE and IPSec values have been implemented in Foundry’s encryption scheme. Foundry supports a maximum of 100 IPSec tunnels.
IKE Defaults
Table 15.5: lists IKE defaults. When the user creates an IKE policy specifying an IKE peer, an IKE proposal with priority 1 is automatically created. However, to make the IKE policy fully functional, the user must enter a pre- shared key.
Table 15.5: IKE Default Values
Parameter Name | Foundry Default | Foundry Default |
| Value: | Value: |
| Site to Site | Remote Access |
|
|
|
Mode | Main mode | Aggressive mode |
|
|
|
Perfect forward secrecy | Disabled | Disabled |
|
|
|
Hash algorithm | SHA1 | SHA1 |
|
|
|
Encryption algorithm | DES | DES |
|
|
|
Authentication method | PreShared | PreShared |
|
|
|
DH Group | Group 1 | Group 1 |
|
|
|
Lifetime | 86400 seconds | 86400 seconds |
|
|
|
Response type | Initiator and responder | Responder only |
|
|
|
15 - 62 | © 2004 Foundry Networks, Inc. | June 2004 |
