3.Refer to the values displayed within the IKE Policies tab to determine if an existing policy requires revision, removal or a new policy requires creation.
Priority | Displays the priority for the IKE policy. The available range is from 1 to 65,543, with 1 being | |
| the highest priority value. | |
Encryption | Displays the encryption method protecting data transmitted between peers. Options include: | |
| • | DES. |
| • | 3DES - |
| • | AES - |
| • | AES 192 - |
| • | AES 256 - |
Hash Value | Displays the hash algorithm used to ensure data integrity. The hash value validates a packet | |
| comes from its intended destination, and has not been modified in transit. Options include: | |
| • | SHA - The default value. |
| • | MD5 - MD5 has a smaller digest and is somewhat faster than |
Authentication Type | Displays the authentication scheme used to validate the identity of each peer. | |
| keys do not scale accurately with a growing network but are easier to maintain in a small | |
| network. Options include: | |
| • | |
| • | RSA Signature- Uses a digital certificate with keys generated by the RSA signatures |
|
| algorithm. |
SA Lifetime | Displays an integer for the SA lifetime. The default is 60 seconds. With longer lifetimes, | |
| security defines future IPSec security associations quickly. Encryption strength is great | |
| enough to ensure security without using fast rekey times. Motorola recommends using the | |
| default value. | |
DH Group | Displays the | |
| a shared secret without transmitting it to one another. |
4.Highlight an existing policy and click the Edit button to revise the policy’s existing priority, encryption scheme, hash value, authentication scheme, SA lifetime and DH group.
5.Select an existing policy and click the Delete button to remove it from the table.