User manual

Virtual Private Networking

215

Phase 1 settings page

Set the length of time before Phase 1 is renegotiated in the Key lifetime (s) field. In this

example, leave the Key Lifetime as the default value of 3600 minutes.

Set the time for when the new key is negotiated before the current key expires in the

Rekeymargin field. In this example, leave the Rekeymargin as the default value of 600

seconds.

Set the maximum percentage by which the Rekeymargin should be randomly increased

to randomize rekeying intervals in the Rekeyfuzz field. The Key lifetimes for both Phase

1 and Phase 2 are dependent on these values and must be greater that the value of

“Rekeymargin x (100 + Rekeyfuzz) / 100.” In this example, leave the Rekeyfuzz as the

default value of 100%.

Enter a secret in the Preshared Secret field. This must remain confidential. In this

example, enter the Preshared Secret used at the branch office SG unit, which was: This

secret must be kept confidential

Select a Phase 1 Proposal. In this example, select the 3DES-SHA-Diffie Hellman

Group 2 (1024 bit) option (same as the Branch Office Phase 1 Proposal).

Click the Next button to configure the Phase 2 Settings.

Phase 2 settings page

Select Network of LAN (Switch A) for the Local Network, enter 192.168.2.0/24 for the

Remote Network and click Add.

Set the length of time before Phase 2 is renegotiated in the Key lifetime (s) field. In this

example, leave the Key Lifetime as the default value of 600 seconds.

Select a Phase 2 Proposal. In this example, select the 3DES-SHA-Diffie Hellman

Group 2 (1024 bit) option (same as the Branch Ofiice Phase 2 Proposal).

Click the Apply button to save the tunnel configuration.