Manual

Table Of Contents

Software User Guide 81

Network Tab

Phase1DHGroup:SelecttheDHGroupneededforphase1(IKE)bychoosingoneofthevaluesfromthedrop‐down

listprovided.ThisoptionselectstheencryptionleveloftheDiffie‐HellmankeysandtheseareGroup1(768bits),

Group2(1024bits),Group5(1536bits)

orGr oup14(2048bits).Longerkeysimplybettersecuritybutatacostoflon‐

gernegotiation/set‐uptimeduringtheinitialconnectionestablishment.Thesesettingsmustmatchonbothendsof

theconnection.AvalueofNone

meansthatnoDHGroupwill beselectedforthisendofthetunnelanditwilladopt

thesettingsofitspeerduringconnectioninitiation.

Phase1ISAKMPTime(minutes):Selecthowlong,inminutes,thekeyingchannelofaconnection(ISAKMPSA)should

lastbeforebeingrenegotiated.

Pre‐Shared

Key(Required):Specifythekeytobeexchangedforencryptionnegotiationduringphase(IKE).Keymust

notcontainadouble‐quotecharacter.Note:ThePre‐SharedKeymustmatchonbothendsofthetunnelinorderto

work.

LocalPeerID:Specif y howtheleftparticipantshouldbeidentifiedfor

authentication.CanbeanIPaddressofafully

qualifieddomainnameprecededby@(whichisusedasaliteralstringandnotresolved).

RemotePeerID:Specif yhowtherightparticipantshouldbeidentifiedforauth entication.CanbeanIPaddressofa

fullyqualifieddomainnameprecededby

@(whichisusedasaliteralstringandnotresolved).

Phase2AuthType:DefineswhetherauthenticationshouldbedoneaspartofESPencryption,orseparatelyusingthe

AHprotocol.

Phase2Encryption:SelecttheESPencryptionalgorithmtobeusedfortheconnection.

Phase2Authentication:SelecttheESP

authenticationalgorithmtobeusedfortheconnection.

Phase2ISAKMPTime(minutes):Selecthowlong, inminutes,aparticularinstanceofaconnection(asetofencryp‐

tion/authenticationkeysforuserpackets)shouldlast,fromsuccessfulnegotiationtoexpiration.

• ClickontheNEXTbuttonandthefollowingTerminationSettingsdialog

windowwillappear:

LocalPublicIPAddress:ThisparametertypicallyonlyneedstobespecifiedwhentheRedLionrouterisconfiguredto

usemorethanoneexternal,untrustedinterface.SpecifytheIPAddressoftheleftparticipant’spublicnetworkinter‐

face.