Billion Electric Company BiPAC 7402G User Manual


802.11g ADSL2+ VPN Firewall Router

Chapter 4: Configuration

Encryption:

Select the encryption method from the pull-down menu. There are several options: DES, 3DES, AES (128, 192 and 256) and NULL. NULL means it is a tunnel only with no encryption. 3DES and AES are more powerful but increase latency.

DES:

Stands for Data Encryption Standard; it uses a 56-bit encryption key.

3DES:

Stands for Triple Data Encryption Standard; it uses a 168-bit (56*3) encryption key.

AES:

Stands for Advanced Encryption Standard; you can use a 128-, 192- or 256-bit encryption key.

Perfect Forward Secrecy:

Choose whether to enable PFS, which uses Diffie-Hellman public-key cryptography to change encryption keys during the second phase of VPN negotiation. This function provides better security but extends the VPN negotiation time. Diffie-Hellman is a public-key cryptography protocol that allows two parties to establish a shared secret over an unsecured communication channel (i.e. over the Internet). There are three modes: MODP 768-bit, MODP 1024-bit and MODP 1536-bit. MODP stands for Modular Exponentiation Groups.

Pre-shared Key:

This is for the Internet Key Exchange (IKE) protocol, a string from 4 to 128 characters. Both sides should use the same key. IKE is used to establish a shared security policy and authenticated keys for services (such as IPSec) that require a key. Before any IPSec traffic can be passed, each router must be able to verify the identity of its peer. This can be done by manually entering the pre-shared key into both sides (router or hosts).

Select the Apply button to apply your changes.
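An added example, not part of the manual or of the router's firmware: a Python check of the three settings described on this page (encryption, PFS group, pre-shared key) before they are entered on both routers. The option spellings such as `AES-256`, the rating given to each option, and the 128-bit key-strength target are this example's assumptions.

```python
import math
import secrets
import string

# Ratings below are this example's assumptions, not statements from the manual.
CIPHER_FINDINGS = {
    "NULL": "no encryption, tunnel traffic is readable in transit",
    "DES": "56-bit key can be brute-forced",
    "3DES": "legacy cipher with a 64-bit block; prefer AES",
}
PFS_FINDINGS = {  # keyed by MODP size in bits; None means PFS is off
    None: "disabled, phase 2 keys derive from the phase 1 secret",
    768: "MODP 768-bit is too small for current use",
    1024: "MODP 1024-bit is below current recommendations",
}
PSK_MIN_LEN, PSK_MAX_LEN, PSK_TARGET_BITS = 4, 128, 128  # 4-128 is the manual's limit; the target is assumed


def psk_entropy_bits(psk):
    """Upper bound in bits, assuming every character was chosen at random."""
    classes = (string.ascii_lowercase, string.ascii_uppercase, string.digits, string.punctuation)
    pool = sum(len(c) for c in classes if any(ch in c for ch in psk))
    return len(psk) * math.log2(pool) if pool else 0.0


def audit_tunnel(encryption, pfs_group, psk):
    """Return a list of findings for one tunnel's settings; empty means none."""
    findings = []
    if encryption in CIPHER_FINDINGS:
        findings.append(f"encryption {encryption}: {CIPHER_FINDINGS[encryption]}")
    if pfs_group in PFS_FINDINGS:
        findings.append(f"PFS: {PFS_FINDINGS[pfs_group]}")
    bits = psk_entropy_bits(psk)
    if not PSK_MIN_LEN <= len(psk) <= PSK_MAX_LEN:
        findings.append("pre-shared key: length outside the router's 4-128 range")
    elif bits < PSK_TARGET_BITS:
        findings.append(f"pre-shared key: at most {bits:.0f} bits, below the {PSK_TARGET_BITS}-bit target")
    return findings


def generate_psk(length=32):
    """Random key of letters and digits, within the router's length limits."""
    if not PSK_MIN_LEN <= length <= PSK_MAX_LEN:
        raise ValueError("length must be 4-128 characters")
    alphabet = string.ascii_letters + string.digits
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    print(audit_tunnel("DES", 768, "vpn1"))  # constructed sample settings
```

The same generated key has to be entered on both routers, since each side uses it to authenticate the other.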
