Specifications
Configure Security
Cox Business Internet Gateway Admin Guide 41
Section
Field Description
Key Management
Key Exchange Method. The gateway supports both automatic
and manual key management. Note that both sides must use
the same key management method.
Select one of the following options for the key exchange
method:
Auto (IKE). Uses Internet Key Exchange (IKE) protocols to
negotiate key material for Security Association (SA).
Configure Auto key management using the following settings:
Encryption: The Encryption method determines the length of
the key used to encrypt/decrypt ESP packets. Notice that both
sides must use the same method.
Authentication: The Authentication method authenticates the
Encapsulating Security Payload (ESP) packets. Select MD5 or
SHA. Notice that both sides (VPN endpoints) must use the
same method.
MD5: A one-way hashing algorithm that produces a 128-bit
digest.
SHA: A one-way hashing algorithm that produces a 160-bit
digest.
– Perfect Forward Secrecy (PFS): If PFS is enabled, IKE
Phase 2 negotiation will generate new key material for IP traffic
encryption and authentication. Note that both sides must have
PFS enabled.
– Pre-Shared Key: IKE uses the Pre-Shared Key to
authenticate the remote IKE peer. Both character and
hexadecimal values are acceptable in this field. (For example,
"My_@123" or "0x4d795f40313233" are acceptable.) Note that
both sides must use the same Pre- Shared Key.
– Key Lifetime: This field specifies the lifetime of the IKE
generated key. If the time expires, a new key will be
renegotiated automatically. The Key Lifetime may range from
300 to 100,000,000 seconds.
The default lifetime is 3600 seconds.
Status
This field shows the connection status for the selected tunnel.
The state is either Connected or Not Connected.