Virtual Private Networking
126
o
des-md5-96 uses the encryption transform following the DES standard in Cipher-
Block-Chaining mode with authentication provided by HMAC and MD5 (96-bit
authenticator). It uses a 56-bit 3DES encryption key and a 128-bit HMAC-MD5
authentication key.
o
des-sha1-96 uses the encryption transform following the DES standard in Cipher-
Block-Chaining mode with authentication provided by HMAC and SHA1 (96-bit
authenticator). It uses a 56-bit DES encryption key and a 160-bit HMAC-SHA1
authentication key.
•
Local Network field is the network behind the local CyberGuard SG appliance. This
field appears when Manual Keying has been selected.
Figure 9-16
Enter the Internet IP address of the remote party in The remote party's IP address field.
In this example, enter: 209.0.01
The Endpoint ID is used to authenticate the remote party to the CyberGuard SG
appliance. The remote party's ID is optional if it has a static IP address and uses
Preshared Secrets for authentication. It becomes a required field if the remote party has
a dynamic IP or DNS hostname address or if RSA Digital Key Signatures are used for
authentication. It is optional in this example, because the remote party has a static IP
address. If the remote party is a CyberGuard SG appliance, it must have the form
abcd@efgh. If the remote party is not a CyberGuard SG appliance, refer the
interoperability documents on the CyberGuard SG knowledge base web site
(
http://www.cyberguard.com/snapgear/knowledgebase.html
) to determine what form it
must take. In this example leave the field blank.
Click the Continue button to configure the Phase 1 Settings.