odes-md5-96uses the encryption transform following the DES standard in Cipher- Block-Chaining mode with authentication provided by HMAC and MD5 (96-bit authenticator). It uses a 56-bit 3DES encryption key and a 128-bit HMAC-MD5 authentication key.

odes-sha1-96uses the encryption transform following the DES standard in Cipher- Block-Chaining mode with authentication provided by HMAC and SHA1 (96-bit authenticator). It uses a 56-bit DES encryption key and a 160-bit HMAC-SHA1 authentication key.

Local Network field is the network behind the local CyberGuard SG appliance. This field appears when Manual Keying has been selected.

Figure 9-16

Enter the Internet IP address of the remote party in The remote party's IP address field. In this example, enter: 209.0.01

The Endpoint ID is used to authenticate the remote party to the CyberGuard SG appliance. The remote party's ID is optional if it has a static IP address and uses Preshared Secrets for authentication. It becomes a required field if the remote party has a dynamic IP or DNS hostname address or if RSA Digital Key Signatures are used for authentication. It is optional in this example, because the remote party has a static IP address. If the remote party is a CyberGuard SG appliance, it must have the form abcd@efgh. If the remote party is not a CyberGuard SG appliance, refer the interoperability documents on the CyberGuard SG knowledge base web site (http://www.cyberguard.com/snapgear/knowledgebase.html) to determine what form it must take. In this example leave the field blank.

Click the Continue button to configure the Phase 1 Settings.

126

Virtual Private Networking

Page 130
Image 130
SnapGear 2.0.1 user manual Virtual Private Networking