Owner`s manual
Continued
65
Encryption Algorithm: 3DES is the de facto standard if you are connecting to
another Cortexa, or a system that will support it, change this to Blowsh. It is more
secure and about twice as fast! If you are trying to connect to a VPN device that
only supports DES then you will need to downgrade and hope no one decrypts
your key exchange. MAKE SURE BOTH VPN DEVICES ARE USING THE SAME
ENCRYPTION ALGORITHM.
Hash Algorithm: this is the hash used for checksum. MD5 is a good choice, SHA1
is another algorithm, but not everything supports it. Again make sure you are using
the same setting as the other end of the tunnel.
DH Key Group: Most systems will support at least up to 1024 bit. This is what we
recommend using.
Lifetime: This eld is more important than it appears. This lifetime, as opposed to
the one in phase 2, is how long your end will wait for phase 1 to be completed. We
suggest using 28,800 in this eld.
Pre-Shared Key: This key must be exactly the same on both VPN routers. It is case
sensitive, and it does support special characters. We suggest using both.
Phase 2 is what builds the actual tunnel, sets the protocol to use, and sets the length of time
to keep the tunnel up when there is no trafc on it.
3.
4.
5.
6.
7.
Cortexa 7202 ConfIguratIon utIlIty