ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual

Table 6-1. VPN Manual and Auto Policy Configuration Fields (continued)

Field
  Description

Manual Policy Parameters
  The Manual Policy creates an SA (Security Association) based on static inputs.

SPI-Incoming; SPI-Outgoing
  Takes a hexadecimal value between 3 and 8 characters; for example: 0x1234

Encryption Algorithm:
  The algorithm used to encrypt the data:
  Encryption Key-In: Encryption key of the inbound policy. The length of the key depends on the algorithm chosen. The length is in characters as follows:
  • DES – 8 characters
  • 3DES – 24 characters
  • AES-128 – 16 characters
  • AES-192 – 24 characters
  • AES-256 – 32 characters
  Encryption Key-Out: Encryption key of the outbound policy. The length of the key depends on the algorithm chosen. Lengths for the outbound policy encryption key are the same as for the inbound policy.

Integrity Algorithm:
  Algorithm used to verify the integrity of the data.
  Integrity Key-In: The integrity key (for Encapsulating Security Payload (ESP) with encryption mode) for the inbound policy. The length depends on the algorithm chosen:
  • MD5 – 16 characters
  • SHA-1 – 20 characters
  Integrity Key-Out: The integrity key (for ESP with encryption mode) for the outbound policy. The length depends on the algorithm chosen. Lengths are the same as for the inbound policy.

Auto Policy Parameters

SA Life Time
  The duration of the Security Association before it expires.
  • Seconds — the amount of time before the SA expires. Over an hour is common (3600).
  • Kbytes — the amount of traffic before the SA expires.
  One of these can be set without setting the other.

Encryption Algorithm
  The encryption algorithm used to encrypt the data:
  • DES – the default
  • 3DES – more secure

Integrity Algorithm
  Algorithm used to verify the integrity of the data. The choices are:
  • MD5 – the default
  • SHA1 – more secure
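
The following Python check is an added example, not part of the NETGEAR manual: it validates a manual policy against the SPI and key-length rules in the table and then compares the policies of two gateways. The dict field names and the handling of the 0x prefix are assumptions, and the mirroring rule (each SA is one-way, so one gateway's outbound SPI and keys are the other gateway's inbound values) is general IPsec behaviour that the table does not state.

```python
import re

# Key lengths in characters, from the Manual Policy rows of Table 6-1.
KEY_LEN = {"enc": {"DES": 8, "3DES": 24, "AES-128": 16, "AES-192": 24, "AES-256": 32},
           "int": {"MD5": 16, "SHA-1": 20}}
# Assumption: an optional "0x" prefix is not counted in the 3-8 characters.
SPI_RE = re.compile(r"(?:0x)?[0-9A-Fa-f]{3,8}")

def lint_manual_policy(p):
    """Check one gateway's manual policy (hypothetical dict layout) against the table."""
    findings = []
    for f in ("spi_in", "spi_out"):
        if not SPI_RE.fullmatch(p.get(f, "")):
            findings.append(f"{f}: not a 3-8 character hexadecimal value")
    for kind, table in KEY_LEN.items():
        alg = p.get(f"{kind}_alg")
        if alg not in table:
            findings.append(f"{kind}_alg: {alg!r} not listed in the table")
            continue
        for d in ("in", "out"):
            n = len(p.get(f"{kind}_key_{d}", ""))
            if n != table[alg]:
                findings.append(f"{kind}_key_{d}: {alg} needs {table[alg]} characters, got {n}")
    return findings

def check_peers(a, b):
    """Each SA is one-way: A's outbound values must equal B's inbound values and vice versa."""
    findings = []
    for f in ("enc_alg", "int_alg"):
        if a.get(f) != b.get(f):
            findings.append(f"{f}: gateways disagree")
    for stem in ("spi", "enc_key", "int_key"):
        for x, y, label in ((a, b, "A-out/B-in"), (b, a, "B-out/A-in")):
            if x.get(f"{stem}_out") != y.get(f"{stem}_in"):
                findings.append(f"{stem}: {label} mismatch")
    return findings

# Constructed sample policies; the keys are placeholders, not real secrets.
GATEWAY_A = {"spi_in": "0x1234", "spi_out": "0x5678",
             "enc_alg": "3DES", "enc_key_in": "a" * 24, "enc_key_out": "b" * 24,
             "int_alg": "SHA-1", "int_key_in": "c" * 20, "int_key_out": "d" * 20}
# Mirror of A, as the remote gateway should be configured.
GATEWAY_B = {**GATEWAY_A, "spi_in": "0x5678", "spi_out": "0x1234",
             "enc_key_in": "b" * 24, "enc_key_out": "a" * 24,
             "int_key_in": "d" * 20, "int_key_out": "c" * 20}

if __name__ == "__main__":
    for finding in lint_manual_policy(GATEWAY_A) + check_peers(GATEWAY_A, GATEWAY_B):
        print(finding)
```

SPI values are compared as typed, so write them in the same form (prefix and letter case) on both gateways before running the comparison.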

6-6

Advanced Virtual Private Networking

v1.0, September 2007
