Broadband VPN Router User’s Manual
DH Group | Group 1 (768 bit) | Must match client PC |
|
|
|
IKE SA Life time | 28800 | Does not have to match client PC. Shorter |
|
| period will be used. |
|
|
|
IKE PFS | Disable | Must match client PC |
|
|
|
IPSec SA Parameters |
| |
|
|
|
IPSec SA Life time | 28800 | Do not have to match. Shorter period will be |
|
| used. |
|
|
|
IPSec PFS | Disable | Must match client PC |
|
|
|
AH authentication | Disabled | AH is rarely used |
|
|
|
ESP authentication | Enable/MD5 | Must match client PC |
|
|
|
ESP encryption | Enable/DES | Must match client PC |
|
|
|
1.Select Start - Programs - Administrative Tools - Local Security Policy .
2.Right click IP Security Policy on Local Machine and select Create IP Security Policy
Figure60: Windows 2000/XP - Local Security Settings3.Click "Next", then enter a policy name, for example "DUT To Win2K", then click "Next".
4.Step through the Wizard:
∙Deselect Activate the default response rule. Click "Next",
∙Leave Edit Properties checked. Click "Finish".
5.The following "Properties - Rules" screen will be displayed.
90