-93-
ESP Authentication: Select the algorithm used to verify the integrity of the data for ESP
authentication. Options include:
MD5: MD5 (Message Digest Algorithm) takes a message of
arbitrary length and generates a 128-bit message digest.
SHA: SHA (Secure Hash Algorithm) takes a message less than the
64th power of 2 in bits and generates a 160-bit message digest.
ESP Encryption: Select the algorithm used to encrypt the data for ESP encryption.
Options include:
NONE: Performs no encryption.
DES: DES (Data Encryption Standard) encrypts a 64-bit block of plain
text with a 56-bit key. The key should be 8 characters.
3DES: Triple DES, encrypts a plain text with 168-bit key. The key should
be 24 characters.
AES128: Uses the AES algorithm and 128-bit key for encryption. The
key should be 16 characters.
List of IPsec Proposal
In this table, you can view the information of IPsec Proposals and edit them by the action buttons.
3.5.2.3 IPsec SA This page displays the information of the IPsec SA (Security Association).
Choose the menu VPN→IPsec→IPsec SA to load the following page.
Figure 3-62 IPsec SA
Figure 3-62 displays the connection status of the NO.1 entry in the List of IPsec policy in Figure 3-60.
As shown in the figure, the Router is using WAN2 for tunnel connection, and the IP address of WAN2
and the default gateway of remote peer are 172.30.70.151 and 172.30.70.161 respectively. Security
protocol and other parameters for IPsec tunnel and the remote router should be configured the same.
As Security Association is unidirectional, an ingoing SA and an outgoing SA are created to protect data
flows for each tunnel after IPsec tunnel is successfully established. The ingoing SPI value and