Belkin High Performance Wireless VPN Router N300 User Manual

Page 94

Advertising
background image

91

VPN

SA (Security Association)
IKE (Phase 1) Proposal

Exchange

Select Main Mode or Aggressive Mode for IKE Phase 1 negotiation.

• Main Mode: Select this option to configure the standard negotiation parameters

for IKE Phase 1 of the VPN Tunnel. (Recommended Setting)

• Aggressive Mode: Select this option to configure IKE Phase 1 of the VPN Tunnel to carry

out negotiation in a shorter amount of time. (Not Recommended - Less Secure)

DH Group

Select a DH Group from the drop-down menu (Group 1, Group2, Group5 and Group14). As the DH

Group number increases, the higher the level of encryption implemented for IKE Phase 1.

Encryption

F9K1004 supports DES, 3DES, AES128, AES192, AES256 encryption methods for traffic through the VPN.

Authentication

F9K1004 supports SHA1, MD5 methods for authentication.

Life Time

Enter the number of seconds for the IKE Lifetime. The period of time to pass before establishing a

new IKE security association (SA) with the remote endpoint. The default value is 28800.

IPSec (Phase 2) Proposal

Protocol

Select ESP (Encapsulating Security Payload) or AH (Authentication Header) for traffic through the VPN.
• AH (Authentication Header) to provide connectionless integrity and data origin

authentication for IP datagrams and to provide protection against replay attacks.

ESP (Encapsulating Security Payload) to provide confidentiality, data origin authentication, connectionless

integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality.

Encryption

F9K1004 supports DES, 3DES, AES128, AES192, AES256 encryption methods for traffic through the VPN.

Authentication

F9K1004 supports SHA1, MD5 methods for authentication.

Perfect Forward Secrecy

Select Enable or Disable to enable or disable PFS (Perfect Forward Secrecy). PFS is an additional security protocol.

DH Group

Select a PFS DH Group from the drop-down menu (Group 1, Group2, Group5, Group14). As the

DH Group number increases, the higher the level of encryption implemented for PFS.

Life Time

Enter the number of seconds for the IPSec Lifetime. The period of time to pass before establishing a

new IPSec security association (SA) with the remote endpoint. The default value is 28800.

Advertising
Popular Brands
Popular manuals