10/100/1000 4-Port VPN Router
Encryption Key: This field specifies a key used to encrypt and decrypt IP traffic, and the Encryption Key is generated yourself. The hexadecimal value is acceptable in this field. Both sides must use the same Encryption Key. If DES is selected, the Encryption Key is
Authentication Key: This field specifies a key used to authenticate IP traffic and the Authentication Key is generated yourself. The hexadecimal value is acceptable in this field. Both sides must use the same Authentication key. If MD5 is selected, the Authentication Key is
IKE with Preshared Key (automatic)
IKE is an Internet Key Exchange protocol that is used to negotiate key material for SA (Security Association). IKE uses the
Phase 1 DH Group: Phase 1 is used to create a security association (SA). DH
Phase 1 Encryption: There are two methods of encryption, DES and 3DES. The Encryption method determines the length of the key used to encrypt/decrypt ESP packets. DES is
Phase 1 Authentication: There are two methods of authentication, MD5 and SHA. The Authentication method determines a method to authenticate the ESP packets. Both sides must use the same Authentication method. MD5 is a
SHA is a
Phase 1 SA Life Time: This field allows you to configure the length of time a VPN tunnel is active in Phase 1. The default value is 28,800 seconds.
Perfect Forward Secrecy: If PFS is enabled, IKE Phase 2 negotiation will generate a new key material for IP traffic encryption and authentication. If PFS is enabled, a hacker using brute force to break encryption keys is not able to obtain other or future IPSec keys.
Chapter 5: Setting Up and Configuring the Router | 50 |
VPN Tab - Client to Gateway