Avaya 3.7 User Manual

Using the VPN tabs

Issue 4 May 2005

147

Lifetime

Payload key lifetime defines the extent to which a single set of
cryptographic keys is used when applying VPN services to IP
packets. Lifetimes are either time based or based on throughput.
Time-based lifetimes are based on the amount of time that the
keys are used without a key change. Throughput lifetimes are
defined by the amount of data that is acted on by a set of keys.

Enter a numerical value and select a unit of measure for both
time-based and throughput lifetimes. Whichever occurs first
triggers the new key.

Note:

Note:

For time-based lifetime, the following are the
minimum values in each category: Day = 1,
Minutes = 1, and Seconds = 60.

DH Group
(Diffie-Hellman
Group)

Diffie-Hellman groups define the cryptographic key strengths
used during IPSEC negotiations. The level of security increases
as the DH group number increases. Using a higher level DH
group results in longer key exchange times.

●

Group 1
Key strength: 768 bit
Platform support: SG5, SG5x, SG200, SG203, and SG208

●

Group 2
Key strength: 1024 bit
Platform support: SG5, SG5X, SG200, SG203, and SG208

●

Group 5
Key strength: 1536 bit
Platform support: SG5, SG5X, SG200, SG203, and SG208

●

Group 14
Key strength: 2048 bit
Platform support: SG203 and SG208

See RFC2409 for more information on Diffie-Hellman Groups.

Locate This
IPSec Proposal

Establishes the IPSec proposal rank in the negotiating list. The first
proposal in the list is the first attempted to be negotiated with the
device on the other side.

●

Beginning of list

●

End of list

●

After Selected Item

Field

Description