Panasonic BBHGW700A User Manual

Page 90

Advertising
background image

Operating Instructions

90

Phase 1 Setup

Phase 2 Setup

Notes

When the conversion mode is set to Aggressive, both IPsec devices must have the same DH group
set.

When connecting an IPsec camera to the WAN side, the conversion mode must be set to Main.

Conversion Mode

Set the IKE phase 1 conversion mode to Main or Aggressive. The
key conversion procedure for Aggressive is simpler but security is
slightly reduced.

Life Time

Set the IKE SA lifetime. The time must be set between 5 minutes and
2400 hours.

Proposal Entry

Set whether to Enable or Disable this proposal. Proposals that are
disabled will not be proposed.

Proposal Encryption

Set the method of encryption used in phase 1. Select an encryption
method from DES, 3DES, AES (128 bit), AES (192 bit), and AES
(256 bit).

Proposal Hash

Set the authentication algorithm (hash). Select from MD5 and SHA-
1.

Proposal DH Group

Set the DH (Diffie-Hellman) group used in phase 1. Select between 1
and 2. DH group 2 is has increased security compared to DH group
1, but group 1 is not weak.

Life Time

Set the IPsec SA lifetime. The time must be set between 5 minutes
and 2400 hours.

PFS

Set whether to turn on PFS (Perfect Forward Security) in phase 2.
Select from Enable DH Group 2, Enable DH Group 1, and Disable.
When Enable Group 2 is selected, the Diffie-Hellman exchange is re-
performed in phase 2, and DH Group 2 creates a secret shared key.
When Enable Group 1 is selected, the Diffie-Hellman exchange is re-
performed in phase 2, and DH Group 1 creates a secret shared key.
When Disabled is selected, the secret shared key created in phase 1
is used in phase 2. Security is increased when PFS is enabled rather
than disabled.

Proposal Entry

Set whether to Enable or Disable this proposal. Proposals that have
Disable set will not be proposed.

Proposal Encryption

Set the method of encryption. Select from an encryption method
from DES, 3DES, AES (128 bit), AES (192 bit), AES (256 bit) and
NULL.

Proposal Hash

Set the authentication algorithm (hash). Select from MD5, SHA-1,
and None (authentication algorithm not used).

Advertising
This manual is related to the following products:

BB-HGW700A

Popular Brands
Popular manuals