Westermo MRD-3x0 User Manual
Page 126
126
6623-3201
Phase 2 Configuration
Phase 2 establishes the IPsec Security Associations (SA)
parameters in order to establish an IPsec tunnel. Phase 2 has
one mode called Quick mode, it starts after IKE has started
a secure tunnel in phase 1. Quick mode is also used to re-
negotiate a new IPsec SA when the current IPsec SA lifetime
expires.
The phase 2 options are:
ESP proposal
Encapsulating Security Payload (ESP) is used to encrypt the
data transmitted in IP datagrams. The proposal establishes the
Encryption algorithm and Authentication protocol to use.
Encryption Algorithm
•
Select the encryption algorithm from the drop-
down list, the options are:
AES (128) 128 bit Advanced Encryption
Standard (AES).
AES (256) 256 bit Advanced Encryption
Standard (AES).
3DES Triple Data Encryption Standard (3DES).
Blowfish (128) 128 bit blowfish.
Blowfish (256) 256 bit blowfish.
Authentication Algorithm
•
Select the authentication algorithm from the
drop-down list, the options are:
MD5 Message-Digest algorithm 5.
SHA1 Secure Hash Algorithm.