SnapGear 2.0.1 User Manual

Virtual Private Networking

126

o

des-md5-96 uses the encryption transform following the DES standard in Cipher-

Block-Chaining mode with authentication provided by HMAC and MD5 (96-bit
authenticator). It uses a 56-bit 3DES encryption key and a 128-bit HMAC-MD5
authentication key.

o

des-sha1-96 uses the encryption transform following the DES standard in Cipher-

Block-Chaining mode with authentication provided by HMAC and SHA1 (96-bit
authenticator). It uses a 56-bit DES encryption key and a 160-bit HMAC-SHA1
authentication key.

•

Local Network field is the network behind the local CyberGuard SG appliance. This

field appears when Manual Keying has been selected.

Figure 9-16

Enter the Internet IP address of the remote party in The remote party's IP address field.
In this example, enter: 209.0.01

The Endpoint ID is used to authenticate the remote party to the CyberGuard SG
appliance. The remote party's ID is optional if it has a static IP address and uses
Preshared Secrets for authentication. It becomes a required field if the remote party has
a dynamic IP or DNS hostname address or if RSA Digital Key Signatures are used for
authentication. It is optional in this example, because the remote party has a static IP
address. If the remote party is a CyberGuard SG appliance, it must have the form
abcd@efgh. If the remote party is not a CyberGuard SG appliance, refer the
interoperability documents on the CyberGuard SG knowledge base web site
(

http://www.cyberguard.com/snapgear/knowledgebase.html

) to determine what form it

must take. In this example leave the field blank.

Click the Continue button to configure the Phase 1 Settings.