System information

1. CONFIGURATION OVER WEB BROWSER
| Item | Description |
|---|---|
| IKE Mode | Defines the mode for establishing the connection (main or aggressive). If aggressive mode is selected, the IPsec tunnel is established faster, but encryption is permanently set to 3DES-MD5. |
| IKE Algorithm | Method of algorithm selection. auto: encryption and hash algorithms are selected automatically. manual: encryption and hash algorithms are defined by the user. |
| IKE Encryption | Encryption algorithm: 3DES, AES128, AES192, AES256 |
| IKE Hash | Hash algorithm: MD5 or SHA1 |
| IKE DH Group | Diffie-Hellman groups determine the strength of the key used in the key exchange process. Higher group numbers are more secure, but require additional time to compute the key. |
| ESP Algorithm | Method of algorithm selection. auto: encryption and hash algorithms are selected automatically. manual: encryption and hash algorithms are defined by the user. |
| ESP Encryption | Encryption algorithm: DES, 3DES, AES128, AES192, AES256 |
| ESP Hash | Hash algorithm: MD5 or SHA1 |
| PFS | Ensures that derived session keys are not compromised if one of the private keys is compromised in the future. |
| PFS DH Group | Diffie-Hellman group number (see IKE DH Group) |
| Key Lifetime | Lifetime of the key for the data part of the tunnel. The minimum value of this parameter is 60 s. The maximum value is 86400 s. |
| IKE Lifetime | Lifetime of the key for the service part of the tunnel. The minimum value of this parameter is 60 s. The maximum value is 86400 s. |
| Rekey Margin | Specifies how long before connection expiry the attempts to negotiate a replacement should begin. The maximum value must be less than half of the IKE Lifetime and Key Lifetime parameters. |
| Rekey Fuzz | Specifies the maximum percentage by which the Rekey Margin is randomly increased to randomize re-keying intervals. |
| DPD Delay | Defines the time after which the IPsec tunnel is verified. |
| DPD Timeout | Sets the timeout for the answer. |
| Authenticate Mode | Sets the authentication method. Pre-shared key: a shared key for both sides of the tunnel. X.509 Certificate: allows X.509 certificate authentication in multiclient mode. |
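
The limits in this table can be checked before a profile is entered in the web interface. The following is an added example, not code from the router or its vendor: the field names are hypothetical, and the rekey timing (margin increased by a random 0 to Rekey Fuzz percent) is an assumption based on the Rekey Margin and Rekey Fuzz descriptions above.

```python
# Added example: audits a tunnel profile against the limits in the table above.
# Field names are hypothetical; they are not the router's configuration keys.
LIFETIME_MIN_S, LIFETIME_MAX_S = 60, 86400  # limits stated in the table

def rekey_window(lifetime_s, margin_s, fuzz_pct):
    """Return (earliest, latest) seconds after setup at which rekeying starts.

    Assumption: the margin is increased by a random 0..fuzz_pct percent, so
    rekeying starts at lifetime - margin * (1 + r) with r in [0, fuzz_pct/100].
    """
    earliest = lifetime_s - margin_s * (1 + fuzz_pct / 100)
    return earliest, lifetime_s - margin_s

def audit(profile):
    """Return a list of findings (strings) for one tunnel profile."""
    findings = []
    margin, fuzz = profile["rekey_margin"], profile["rekey_fuzz"]
    for name in ("ike_lifetime", "key_lifetime"):
        value = profile[name]
        if not LIFETIME_MIN_S <= value <= LIFETIME_MAX_S:
            findings.append(f"{name}={value}s is outside 60-86400 s")
        if margin >= value / 2:
            findings.append(f"rekey_margin must be less than half of {name}")
        if rekey_window(value, margin, fuzz)[0] <= 0:
            findings.append(f"{name}: fuzzed margin can exceed the lifetime")
    if profile["ike_mode"] == "aggressive":
        findings.append("aggressive mode fixes encryption to 3DES-MD5")
    if profile["esp_encryption"] == "DES":
        findings.append("esp_encryption=DES uses a 56-bit key; prefer AES")
    for name in ("ike_hash", "esp_hash"):
        if profile[name] == "MD5":
            findings.append(f"{name}=MD5; prefer SHA1 from the offered options")
    return findings

# Constructed sample profiles (not taken from a real device).
GOOD = {"ike_mode": "main", "ike_encryption": "AES256", "ike_hash": "SHA1",
        "esp_encryption": "AES256", "esp_hash": "SHA1", "ike_lifetime": 3600,
        "key_lifetime": 3600, "rekey_margin": 540, "rekey_fuzz": 100}
BAD = dict(GOOD, ike_mode="aggressive", esp_encryption="DES",
           esp_hash="MD5", key_lifetime=600)

if __name__ == "__main__":
    for finding in audit(BAD):
        print(finding)
```

With a fuzz of 100 % the effective margin can reach twice the configured value, which is why a margin below half of both lifetimes keeps the rekey start time positive.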
LUCOM GmbH * Ansbacher Str. 2a * 90513 Zirndorf * Tel. 09127/59 460-10 * Fax. 09127/59 460-20 * www.lucom.de