PLANET CS-2001 User Manual

237

Terms in VPN

Diffie-Hellman

 A cryptographic protocol that allows two parties that have no perior knowledge

of each other to establish a shared secret key over an insecure communications

channel.

RSA

 The RSA is a kind of asymmetric cryptography. It involves a public and private

key. The public key can be known to everyone and is used for encrypting

messages. Messages encrypted with the public key can only be decrypted using

the private key.

Pre-Shared Key String

 A Pre-Shared Key String is a string of Unicode characters used to authenticate

Layer Two Tunneling Protocol (L2TP) over Internet Protocol security (IPSec)

connections.

ISAKMP (Internet Security Association Key Management Protocol)

 The IP Security Association Key Management Protocol (ISAKMP)

provides the way to create the Security Association (SA) between two PCs. The

SA can access the encoding between two PCs, and the IT administrator can

assign of which key size or Pre-Shared Key String and algorithm to use. The SA

comes in many connection ways, for instance, use the ISAKMP SA between two

PCs, and assign an ENC algorithm (DES, triple DES, 40-bit DES or not using

any) and an authentication method to use.

Main mode

 When associating IKE certificates, the device offers main mode and aggressive

mode to choose from. The main mode requests sending 6 messages mutually

before starting the data exchange, it is to confirm the identity of both parties,

ensuring the data transferring security.

Aggressive mode

 The aggressive mode requests sending 3 messages mutually before starting the

data exchange, it is to confirm the identity of both parties, ensuring the data

transferring security.