IKE Proposal
Table
Parameter | Description |
|
|
|
|
Lifetime | Specify the length of time the security association remains valid before new |
| authentication and encryption keys must be exchanged (between 1 and 65535 |
| seconds, default 28800). A lower value increases security, but may be |
| inconvenient, since the connection is temporary disabled. |
|
|
Authentication | If selected, the device uses a shared password to authenticate access to the VPN |
Type: Pre- | connection. |
Shared Key | If you select this option and use the Aggressive Mode option, you need to specify |
| a Local ID Type and Peer ID Type. |
|
|
Authentication | If X.509 Certificates is selected as the Authentication Type, select the Local |
Type: X.509 | Certificate to be used for authentication from the |
Certificates | CA certificate to validate access to the VPN, check Only accept peer certificates |
| signed by. Then select the CA certificate from the |
| specify a certificate, the device will use any of the imported CA certificates |
| available on the device. |
| Note Import certificates from the X.509 Certificates page |
| (Authentication > X.509 Certificates) menu option to upload CA |
| Certificates and Local Certificates for use on the device. |
|
|
X Family LSM User’s Guide V 2.5.1 | 203 |
|
|