User`s guide

Chapter 8 Site-to-Site VPN

Create Site to Site VPN

8-42

Cisco Router and Security Device Manager Version 2.2 User’s Guide

OL-4015-08

Hash

The authentication algorithm to be used for the negotiation. SDM supports the

following algorithms:

• SHA_1—Secure Hash Algorithm. A hash algorithm used to authenticate

packet data.

• MD5—Message Digest 5. A hash algorithm used to authenticate packet data.

D-H Group

The Diffie-Hellman Group—Diffie-Hellman is a public-key cryptography

protocol that allows two routers to establish a shared secret over an unsecure

communications channel. SDM supports the following groups:

• group1—D-H Group 1. 768-bit D-H Group.

• group2—D-H Group 2. 1024-bit D-H Group. This group provides more

security than group 1, but requires more processing time.

• group5—D-H Group 5.1536-bit D-H Group. This group provides more

security than group 2, but requires more processing time.

Note Diffie-Hellman group5 is not supported on all routers.

Authentication

The authentication method to be used. The following value is supported:

• PRE_SHARE—Authentication will be performed using pre-shared keys.

• RSA_SIG—Authentication will be performed using digital certificates.

Type

Either SDM Default or User Defined. If no User Defined policies have been

created on the router, this window will show the default IKE policy.