|
| Prestige 334W User’s Guide | |
|
| Table | |
|
|
|
|
| LABEL | DESCRIPTION |
|
|
|
|
|
| Type your |
| |
|
| party during a phase 1 IKE negotiation. It is called |
|
|
| to share it with another party before you can communicate with them over a secure |
|
|
| connection. |
|
|
| Type from 8 to 31 |
|
|
|
| |
|
| which is not counted as part of the 16 to 62 character range for the key. For |
|
|
| example, in "0x0123456789ABCDEF", “0x” denotes that the key is hexadecimal and |
|
|
| “0123456789ABCDEF” is the key itself. |
|
|
| Both ends of the VPN tunnel must use the same |
|
|
| “PYLD_MALFORMED” (payload malformed) packet if the same |
|
|
| not used on both ends |
|
|
|
|
|
| Encryption | Select DES or 3DES from the |
|
| Algorithm | algorithm should be identical to the secure remote gateway. When DES is used for |
|
|
| data communications, both sender and receiver must know the same secret key, |
|
|
| which can be used to encrypt and decrypt the message. The DES encryption |
|
|
| algorithm uses a |
|
|
|
| |
|
| processing power, resulting in increased latency and decreased throughput. |
|
| Authentication | Select SHA1 or MD5 from the |
|
| Algorithm | SHA1 (Secure Hash Algorithm) are hash algorithms used to authenticate packet |
|
|
| data. The SHA1 algorithm is generally considered stronger than MD5, but is slower. |
|
|
| Select MD5 for minimal security and |
|
| Advanced | Click Advanced to configure more detailed settings of your IKE key management. |
|
|
|
|
|
| Apply | Click Apply to save your changes back to the Prestige. |
|
|
|
|
|
| Reset | Click Reset to begin configuring this screen afresh. |
|
|
|
|
|
16.11 IKE Phases
There are two phases to every IKE (Internet Key Exchange) negotiation – phase 1 (Authentication) and phase 2 (Key Exchange). A phase 1 exchange establishes an IKE SA and the second one uses that SA to negotiate SAs for IPSec.
VPN Screens |