Operation Manual
Cerberus Wi-Fi Lite (P6381-0)
49
Phase 2 – Set the fields for phase 2 negotiation.
Active Protocol – The Wireless-G Router uses ESP (Encapsulating Security Payload) to
maintain an SA.
Encryption Algorithm – Specify the encryption algorithm for this VPN rule. Choices are
3DES and AES128 (faster). Select NULL to set up phase 2 tunnel (for key exchange) without
encryption.
Authentication Algorithm – Specify the encryption algorithm for this VPN rule. Choices are
MD5 and SHA1 (more secure).
Key Life Time – Specify the time (in seconds) before the Wireless-G Router updates the key
with the remote VPN gateway. A short key life time increases security as it forces the two VPN
gateways to update the keys regularly. However, during the key update process, the VPN
tunnel(s) will be disrupted temporary.
Encapsulation – The Wireless-G Router uses Tunnel mode to encapsulate the entire IP
packet to transmit it securely.
Perfect Forward Secrecy (PFS) – Select ON to activate this feature. This sets the Wireless-G
Router and the remote VPN gateway to use different keys every time. Same keys are not used
twice. Enable this feature for maximum security. Select NONE to disable this feature for faster
SA setup in exchange for less data security.
OK – Click OK to save the settings
Cancel – Click Cancel to reset the fields.
Help – Click Help to display on-line help information in a pop-up screen.
Generating RSA Key
In addition to using a pre-shared key for security, you can set the Wireless-G Router to
automatically create a new RSA key for VPN communication. In the VPN Setup screen, click
the Generate RSA Key button.
Note: This process may take up to 2 minutes. Do NOT turn off the Wireless-G Router.
After the RSA key is generated, a screen display as shown. Click OK to return to the main
VPN Setup screen.
To display the public RSA key on the Wireless-G Router, click Show RSA Public Key button
in the VPN Setup screen.