82
Adding the Autokey IKE:
Step
1.
Click the
New Entry
button and the
VPN Auto Keyed Tunnel
window will appear.
Step 2:
!
Preshare Key:
The IKE VPN must be defined with a Preshared Key. The
Key may be up to 128 bytes long.
!
ESP/AH:
The IP level security, AH and ESP, were originally
proposed by the Networking Group focused on IP security mechanisms,
IPSec. The term IPSec is used loosely here to refer to packets, keys, and
routes that are associated with these headers. The IP Authentication
Header (AH) is used to provide authentication. The IP Encapsulating
Security Header (ESP) is used to provide confidentially to IP datagrams.
!
ESP-Encryption Algorithm:
The DFL-80 auto-selects 56 bit DES-CBC or
168-bit Triple DES-CBC encryption algorithm. The default algorithm is 168-
bit Triple DES-CBC.
!
ESP-Authentication Method:
The DFL-80 auto-selects MD5 or SHA-1
authentication algorithm. The default algorithm is MD5.
!
IPSec Lifetime:
New keys will be generated whenever the lifetime of the
old keys is exceeded. The Administrator may enable this feature if needed
and enter the lifetime in seconds to re-key. The default is 28800 seconds
(eight hours). Selection of small values could lead to frequent re-keying,
which could affect performance.