Specifications

ManualsBrandsAlcatel ManualsComputer equipmentOmniAccess AP61

121

122

123

124

125

126

127

128

129

130

Security Options 103

Chapter 5

Disable Wireless

Devices when

Client is Wired

Allows the VPN dialer to detect when a wired network

connection is in use. If this option is enabled, the

wireless interface will be shut down while a wired

connection exists.

Enable SecurID

New and Next

Pin Mode

TBC

Authentication Specifies the list of authentication protocols to be

supported. This list should match the switch IPSec or

PPTP configuration, and should also contain at least one

protocol supported by the authentication server. It is

generally safe to leave all protocols enabled. If SecureID

Token Caching is enabled (see the SecureID Token

Caching section of this guide below), the system will

cache SecureID tokens so that users do not need to

reauthenticate every time a network connection is lost.

IKE Lifetime Specifies how long an IKE security association lasts, in

seconds. This parameter must match the IKE lifetime

configured in the IPSec IKE policy. The default value is

28,800 seconds.

IKE Encryption Specifies the IKE encryption protocol. This parameter

must match the IKE encryption protocol configured in

the IPSec IKE policy. The default value is triple-DES.

IKE

Diffie-Hellman

Group

Specifies whether IKE will use Diffie-Hellman group 1 or

group 2. This parameter must match the IKE

Diffie-Hellman group configured in the switch. The

default is group 2.

IKE Hash

Algorithm

Specifies the hash algorithm used by IKE – either SHA or

MD5. This parameter must match the IKE hash

algorithm configured in the IPSec IKE policy. The default

is SHA.

IKE

Authentication

Specifies whether RSA signatures or pre-shared keys

should be used for IKE authentication. This parameter

must match the “IKE Shared Secrets” configuration.

The default is for pre-shared key authentication. Make

sure the pre-shared key specified here matches the

pre-shared key specified in the IKE shared secrets policy.

IPSec Lifetime Specifies how long an IPSec security association lasts,

in seconds. The default is 7200 seconds.

IPSec Mode

Group

Specifies the IPSec Perfect Forward Secrecy (PFS)

mode. The default is Group 2.

IPSec Encryption Specifies the encryption type used for IPSec. The

default is triple-DES.