Field
Description
Send Initial Contact
Message
Select whether IKE Initial Contact messages are to be sent dur-
ing IKE (phase 1) if no SAs with a peer exist.
The function is enabled with
#/
.
The function is enabled by default.
Sync SAs with ISP in-
terface state
Select whether all SAs are to be deleted whose data traffic was
routed via an interface on which the status has changed from
3,
to
1
,
1
or
>/%
.
The function is enabled with
#/
.
The function is disabled by default.
Use Zero Cookies
Select whether zeroed ISAKMP Cookies are to be sent.
These are equivalent to the SPI (Security Parameter Index) in
IKE proposals; as they are redundant, they are normally set to
the value of the negotiation currently in progress. Alternatively,
your device can use zeroes for all values of the cookie. In this
case, select
#/
.
Zero Cookie Size
Only for Use Zero Cookies = enabled.
Enter the length in bytes of the zeroed SPI used in IKE propos-
als.
The default value is
'
.
Dynamic RADIUS Au-
thentication
Select whether RADIUS authentication is to be activated via
IPSec.
The function is enabled with
#/
.
The function is disabled by default.
Fields in the PKI Handling Options menu
Field
Description
Ignore Certificate Re-
quest Payloads
Select whether certificate requests received from the remote
end during IKE (phase 1) are to be ignored.
The function is enabled with
#/
.
18 VPN
Funkwerk Enterprise Communications GmbH
342
bintec Rxxx2/RTxxx2