Quick Reference Guide

ProSafe VPN Firewall 50 FVS338 Reference Manual
Virtual Private Networking 5-17
v1.0, January 2010
Each policy that is listed in the List of IKE Policies table contains the following data:
Name. Uniquely identifies each IKE policy. You choose the name, and it is used only for managing your policies; it is not supplied to the remote VPN server. If the policy is a client policy, the name is preceded by an “*”.
Mode. Two modes are available: either “Main” or “Aggressive”.
Main mode is slower but more secure.
Aggressive mode is faster but less secure. (If you specify either an FQDN or a User FQDN name as the Local ID/Remote ID, aggressive mode is automatically selected.)
Local ID. The IKE/ISAKMP identifier of this device. (The remote VPN must have this value as its “Remote ID”.)
Remote ID. The IKE/ISAKMP identifier of the remote VPN gateway. (The remote VPN must have this value as its “Local ID”.)
Encr. Encryption algorithm used for the IKE SA. The default setting using the VPN Wizard is 3DES. (This setting must match the remote VPN.)
Auth. Authentication algorithm used for the IKE SA. The default setting using the VPN Wizard is SHA1. (This setting must match the remote VPN.)
DH. Diffie-Hellman Group. The Diffie-Hellman algorithm is used when exchanging keys. The DH Group sets the number of bits. The VPN Wizard default setting is Group 2. (This setting must match the remote VPN.)
Enable Dead Peer Detection. Dead Peer Detection is used to detect whether the peer is alive or not. If the peer is detected as dead, the IPSec and IKE Security Associations are deleted.
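The matching rules in the list above can be checked before a tunnel is brought up. The following is an added example, not part of the manual or of the firewall's software: the IkePolicy record, its id_type field, and the sample values are assumptions made for illustration.

```python
from dataclasses import dataclass

# ID types that, per the manual, make the device select Aggressive mode.
FQDN_TYPES = {"FQDN", "User FQDN"}

@dataclass
class IkePolicy:            # hypothetical record, one row of the policy table
    name: str               # local label only, never sent to the peer
    mode: str               # "Main" or "Aggressive" as configured
    local_id: str
    remote_id: str
    id_type: str            # assumed field: type of the Local ID/Remote ID
    encr: str
    auth: str
    dh: str

def effective_mode(p):
    """Mode actually in use: FQDN-style IDs select Aggressive automatically."""
    return "Aggressive" if p.id_type in FQDN_TYPES else p.mode

def compare(a, b):
    """Return the mismatches between the policies of two gateways."""
    problems = []
    for field in ("encr", "auth", "dh"):      # each must match the remote VPN
        x, y = getattr(a, field), getattr(b, field)
        if x != y:
            problems.append(f"{field}: {x} != {y}")
    if a.local_id != b.remote_id:             # IDs are crossed between peers
        problems.append(f"{a.name} Local ID is not {b.name} Remote ID")
    if a.remote_id != b.local_id:
        problems.append(f"{a.name} Remote ID is not {b.name} Local ID")
    # Assumption: both ends must negotiate with the same exchange mode.
    if effective_mode(a) != effective_mode(b):
        problems.append(f"mode: {effective_mode(a)} != {effective_mode(b)}")
    return problems

# Constructed sample policies (values are not from the manual).
SITE_A = IkePolicy("to-branch", "Main", "hq.example.com",
                   "branch.example.com", "FQDN", "3DES", "SHA1", "Group 2")
SITE_B = IkePolicy("to-hq", "Aggressive", "branch.example.com",
                   "hq.example.com", "FQDN", "3DES", "SHA1", "Group 2")
SITE_B_BAD = IkePolicy("to-hq", "Main", "branch.example.com",
                       "hq.example.org", "FQDN", "3DES", "SHA1", "Group 5")

if __name__ == "__main__":
    for issue in compare(SITE_A, SITE_B_BAD):
        print(issue)
```

SITE_A is configured as Main but uses FQDN identifiers, so the check treats it as Aggressive, which is why it pairs cleanly with SITE_B.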
Figure 5-19