Specifications
WAN Configuration 4-21
8. Provide keys for both Inbound ESP Encryption Key and Outbound ESP Encryption Key. The length
of the keys is mandated by the selected encryption algorithm. These keys must match the opposite keys
at the remote gateway. The outbound key here must match the inbound key at the remote gateway, and
the inbound key here must match the outbound key at the remote gateway.
9. If ESP with Authentication is enabled, an authentication algorithm must be selected to be used with
ESP from the ESP Authentication Algorithm menu.
10.If ESP with Authentication is enabled, specify both the Inbound and Outbound ESP
Authentication Keys.
11.Provide two (up to) eight-character hexadecimal values used to identify the inbound and outbound
security association created by the encryption algorithm. These values must match the reciprocal
inbound/outbound SPI values configured on the remote security gateway, so the local inbound key must
match the remote outbound key, and so on. This value should also be unique across all tunnels on the
system.
12.Select Ok to return to the VPN screen.
4.6.4 Setting Up Automatic Key Exchange
1. Select the Auto (IKE) Key Exchange radio button. This enables the Automatic Key Settings and IKE
Settings buttons.
2. Click the Automatic Key Settings button to set up this security scheme and the following screen
appears.
AES 128-bit This option selects the Advanced Encryption Standard algorithm in use with 128-bit (32-
character hexadecimal) keys.
AES 192-bit This option selects the Advanced Encryption Standard algorithm in use with 192-bit (48-
character hexadecimal) keys.
AES 256-bit This option selects the Advanced Encryption Standard algorithm in use with 256-bit (64-
character hexadecimal) keys.
MD5 Enables the Message Digest 5 algorithm, which requires 128-bit (32-character hexadeci-
mal) authentication keys.
SHA1 Enables Secure Hash Algorithm 1, which requires 160-bit (40-character hexadecimal)
keys.