User's Manual
SA (Security Association)
IKE (Phase 1) Proposal
• Exchange: Select Main Mode or Aggressive Mode for IKE Phase 1 negotiation.
o Main Mode: Select this option to configure the standard negotiation parameters for IKE Phase 1 of the VPN Tunnel. (Recommended Setting)
o Aggressive Mode: Select this option to configure IKE Phase 1 of the VPN Tunnel to carry out negotiation in a shorter amount of time. (Not Recommended - Less Secure)
• DH Group: Select a DH Group from the drop-down menu (Group 1, Group 2, Group 5 or Group 14). The higher the DH Group number, the higher the level of encryption implemented for IKE Phase 1.
• Encryption: Supports DES, 3DES, AES128, AES192, AES256 encryption methods for traffic through the VPN.
• Authentication: Supports SHA1, MD5 methods for authentication.
• Life Time: Enter the number of seconds for the IKE Lifetime. This is the period of time that passes before a new IKE security association (SA) is established with the remote endpoint. The default value is 28800.
IPSec (Phase 2) Proposal
• Protocol: Select ESP (Encapsulating Security Payload) or AH (Authentication Header) for traffic through the VPN.
o AH (Authentication Header): Provides connectionless integrity and data origin authentication for IP datagrams, and protection against replay attacks.
o ESP (Encapsulating Security Payload): Provides confidentiality, data origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality.
• Encryption: Supports DES, 3DES, AES128, AES192, AES256 encryption methods for traffic through the VPN.
• Authentication: Supports SHA1, MD5 methods for authentication.
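The following is an added example, not part of the manual or the device's software: a small audit that checks IKE (Phase 1) and IPSec (Phase 2) proposals built from the options listed above and reports weak selections. The dictionary field names, the sets of settings treated as weak, and the use of the 28800-second default as a lifetime ceiling are assumptions of this example.

```python
# Added example (not from the manual). Field names, the weak-setting sets and
# the lifetime ceiling are assumptions of this example.
WEAK_ENCRYPTION = {"DES", "3DES"}   # 64-bit block ciphers; DES has a 56-bit key
WEAK_AUTH = {"MD5"}                 # SHA1 is the stronger of the two listed options
WEAK_DH_GROUPS = {1, 2, 5}          # 768-, 1024- and 1536-bit MODP groups
MAX_IKE_LIFETIME = 28800            # seconds; the manual's default used as a ceiling


def _audit_algorithms(p):
    """Checks shared by both phases: encryption and authentication choices."""
    findings = []
    if p.get("encryption") in WEAK_ENCRYPTION:
        findings.append(f"encryption: {p['encryption']} is weak; use AES256")
    if p.get("authentication") in WEAK_AUTH:
        findings.append(f"authentication: {p['authentication']} is weak; use SHA1")
    return findings


def audit_phase1(p):
    """Findings for an IKE (Phase 1) proposal."""
    findings = []
    if p["exchange"] == "Aggressive Mode":
        findings.append("exchange: Aggressive Mode is less secure; use Main Mode")
    if p["dh_group"] in WEAK_DH_GROUPS:
        findings.append(f"dh_group: Group {p['dh_group']} is weak; use Group 14")
    findings += _audit_algorithms(p)
    if p["life_time"] > MAX_IKE_LIFETIME:
        findings.append(f"life_time: {p['life_time']}s exceeds {MAX_IKE_LIFETIME}s")
    return findings


def audit_phase2(p):
    """Findings for an IPSec (Phase 2) proposal."""
    findings = []
    if p["protocol"] == "AH":
        findings.append("protocol: AH provides no confidentiality; use ESP")
    return findings + _audit_algorithms(p)


# Constructed sample proposals, not taken from any real device.
WEAK_P1 = {"exchange": "Aggressive Mode", "dh_group": 2, "encryption": "3DES",
           "authentication": "MD5", "life_time": 86400}
HARDENED_P1 = {"exchange": "Main Mode", "dh_group": 14, "encryption": "AES256",
               "authentication": "SHA1", "life_time": 28800}
WEAK_P2 = {"protocol": "ESP", "encryption": "DES", "authentication": "MD5"}

if __name__ == "__main__":
    for name, result in [("weak phase 1", audit_phase1(WEAK_P1)),
                         ("hardened phase 1", audit_phase1(HARDENED_P1)),
                         ("weak phase 2", audit_phase2(WEAK_P2))]:
        print(name, "->", result or "no findings")
```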