ESP Configuration
Enable Encryption
: This setting ensures that data transferred
through the VPN tunnel is encrypted. It should always be turned on,
and must match the corresponding setting in VPN Tracker
(Advanced > Phase 2 > Encryption Algorithms).
The device uses 3DES by default, which is generally a good choice. AES-128/192/256 are considered to be even more
secure (AES-192/AES-256 are only available in the Professional Edition of VPN Tracker).
Enable Authentication
: This setting ensures that data sent through the VPN tunnel is authenticated. It should always be
turned on, and must match the corresponding setting in VPN Tracker (Advanced > Phase 2 > Authentication Algorithms).
Do not select more authentication algorithms in VPN Tracker than the one selected on the device. NETGEAR uses SHA-1
by default (which corresponds to HMAC SHA-1 in VPN Tracker, MD5 on the NETGEAR corresponds to HMAC MD5 in
VPN Tracker).
32
Note
While is possible to set more than one encryption algorithm in VPN Tracker (as long as the one used by the
device is among them), setting more than two or three algorithms (or algorithms not known to the device) may
cause the connection to fail