Reference Manual for the ProSafe VPN Firewall FVS114

Table 6-1.

VPN Manual Policy Configuration Fields

 

 

 

Field

 

Description

 

 

Authentication Algorithm

If you enable AH, then select the authentication algorithm:

 

 

• MD5 — the default

 

 

• SHA1 — more secure

 

 

Enter the keys in the fields provided. For MD5, the keys should be 16

 

 

characters. For SHA-1, the keys should be 20 characters.

 

 

 

Key - In

 

Enter the keys.

 

 

• For MD5, the keys should be 16 characters.

 

 

• For SHA-1, the keys should be 20 characters.

 

 

Any value is acceptable, provided the remote VPN endpoint has the same

 

 

value in its Authentication Algorithm Key - Out field.

 

 

 

Key - Out

 

Enter the keys in the fields provided.

 

 

• For MD5, the keys should be 16 characters.

 

 

• For SHA-1, the keys should be 20 characters.

 

 

Any value is acceptable, provided the remote VPN endpoint has the same

 

 

value in its Authentication Algorithm Key - In field.

 

 

Encapsulated Security

ESP provides security for the payload (data) sent through the VPN tunnel.

Payload (ESP) Configuration

Generally, you will want to enable both encryption and authentication.

 

 

when you use ESP. Two ESP modes are available:

 

 

• Plain ESP encryption

 

 

• ESP encryption with authentication

 

 

These settings must match the remote VPN endpoint.

 

 

SPI - Incoming

Enter a hexadecimal value (3 - 8 chars). Any value is acceptable, provided

 

 

the remote VPN endpoint has the same value in its Outgoing SPI field.

 

 

SPI - Outgoing

Enter a hexadecimal value (3 - 8 chars). Any value is acceptable, provided

 

 

the remote VPN endpoint has the same value in its Incoming SPI field.

 

 

Enable Encryption

Use this check box to enable or disable ESP Encryption.

 

 

Encryption Algorithm

If you enable ESP Encryption, then select the Encryption Algorithm:

 

 

• DES — the default

 

 

• 3DES — more secure

 

 

 

Key - In

 

Enter the key in the fields provided.

 

 

• For DES, the key should be eight characters.

 

 

• For 3DES, the key should be 24 characters.

 

 

Any value is acceptable, provided the remote VPN endpoint has the same

 

 

value in its Encryption Algorithm Key - Out field.

 

 

 

Key - Out

 

Enter the key in the fields provided.

 

 

• For DES, the key should be eight characters.

 

 

• For 3DES, the key should be 24 characters.

 

 

Any value is acceptable, provided the remote VPN endpoint has the same

 

 

value in its Encryption Algorithm Key - In field.

 

 

 

 

 

 

6-12

 

Advanced Virtual Private Networking

202-10098-01, April 2005

Page 100
Image 100
NETGEAR fvs114 manual Value in its Authentication Algorithm Key Out field