IPSec PFS (Per- | If enabled, security is enhanced by ensuring that the key is |
fect Forward | changed at regular intervals. Also, even if one key is broken, |
Secrecy) | subsequent keys are no easier to break. (Each key has no |
| relationship to the previous key.) |
| This setting applies to both IKE and IPSec SAs. When con- |
| figuring the remote endpoint to match this setting, you may |
| have to specify the "Key Group" used. For this device, the |
| "Key Group" is the same as the "DH Group" setting in the IKE |
| section. |
|
|
82