ADW-4302v2 User Guide

IPSec PFS (Per-

If enabled, security is enhanced by ensuring that the key is

fect Forward

changed at regular intervals. Also, even if one key is broken,

Secrecy)

subsequent keys are no easier to break. (Each key has no

 

relationship to the previous key.)

 

This setting applies to both IKE and IPSec SAs. When con-

 

figuring the remote endpoint to match this setting, you may

 

have to specify the "Key Group" used. For this device, the

 

"Key Group" is the same as the "DH Group" setting in the IKE

 

section.

 

 

82