Specifications

Issue 1.0, April 2006 Section 364-180-N02

All right

The availability o

quickly: thus, it is referred to as quick mode. The identity of the IKE peers has already been

verified in phase 1, and the ISAKMP SA already protects exchanges between the IKE peers.

Therefore, the identities passed in quick mode are not the identities of the IKE peers but rather the

identities of the selectors to be used in the IPSec security policy database. A phase 1 ISAKMP SA

is required when negotiating a phase 2 SA. Once established, a phase 2 SA can exist

independently of the phase 1 SA that is later destroyed.

• PKCS #10: Certificate Request Syntax Standard

• PKCS #7: Cryptographic Message Syntax Standard

• PKCS #11: Cryptographic Token Interface Standard

 IPSec Configuration

1. Log in to your router. From the left frame, click Configuration and then click the

IPSec link. Set your Negotiation ID.

IKE defines two modes when negotiating a phase 1 SA: main mode and aggressive mode.

• For Aggressive Mode use a string like remote@ABCD.com

• For Main Mode use the WAN IP address of your Branch Office (remote) VPN router

(our example shows a setup in Aggressive Mode)

arles Industries, Ltd.

s reserved. Printed in United States of America.

f features and technical specifications herein subject to change without notice.