Avaya 3.7 User Manual

Issue 4 May 2005
Rekey site-to-site VPN
Rekey
Used to change the preshared secret key of a site-to-site VPN. This should be done regularly to 
ensure maximum security.
Only SKIP and Preshared Secret IKE VPNs can be manually rekeyed. In the case of SKIP, 
rekeying generates and distributes a new master key to all security gateways associated with 
the VPN. This SKIP master key is used to generate session keys used for cryptographic 
functions. In the case of Preshared Secret IKE VPNs, rekeying generates and distributes a new 
negotiation key to all security gateways associated with the VPN. This negotiation key is used to 
provide authentication during IKE negotiations, in which the actual session key is dynamically 
generated. Manual Keyed VPNs can be rekeyed by manually editing the relevant keys.
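
The Preshared Secret IKE case above, as an added example (not Avaya's code): it assumes the gateways use standard IKEv1 preshared-key authentication (RFC 2409) with HMAC-SHA1 as the prf, and it uses constructed random bytes for nonces, Diffie-Hellman values, cookies and payload bodies. It shows the negotiation key authenticating the exchange, while the keying material also depends on the Diffie-Hellman secret of each negotiation.

```python
import hashlib
import hmac
import os

def prf(key, data):
    """IKEv1 prf; HMAC-SHA1 is an assumption about the negotiated hash."""
    return hmac.new(key, data, hashlib.sha1).digest()

def skeyid(psk, ni, nr):
    # RFC 2409, preshared-key authentication: SKEYID = prf(psk, Ni_b | Nr_b)
    return prf(psk, ni + nr)

def derive(psk, ni, nr, g_xy, cky_i, cky_r):
    """Return (SKEYID, SKEYID_d, SKEYID_a, SKEYID_e) as defined in RFC 2409."""
    s = skeyid(psk, ni, nr)
    tail = g_xy + cky_i + cky_r
    d = prf(s, tail + b"\x00")
    a = prf(s, d + tail + b"\x01")
    e = prf(s, a + tail + b"\x02")
    return s, d, a, e

def hash_i(s, g_xi, g_xr, cky_i, cky_r, sa_i, id_ii):
    # HASH_I, the initiator's proof that it holds the negotiation key
    return prf(s, g_xi + g_xr + cky_i + cky_r + sa_i + id_ii)

def responder_accepts(psk_initiator, psk_responder, exchange):
    """True when both gateways hold the same negotiation key for this exchange."""
    ni, nr, g_xi, g_xr, cky_i, cky_r, sa_i, id_ii = exchange
    sent = hash_i(skeyid(psk_initiator, ni, nr), g_xi, g_xr, cky_i, cky_r, sa_i, id_ii)
    expected = hash_i(skeyid(psk_responder, ni, nr), g_xi, g_xr, cky_i, cky_r, sa_i, id_ii)
    return hmac.compare_digest(sent, expected)

def sample_exchange():
    # Constructed values: random bytes stand in for real IKE payload contents
    return (os.urandom(16), os.urandom(16), os.urandom(128), os.urandom(128),
            os.urandom(8), os.urandom(8), b"constructed-SA-body", b"constructed-ID-body")

if __name__ == "__main__":
    ex = sample_exchange()
    # After a rekey, a gateway still holding the old key fails authentication
    print("both rekeyed:", responder_accepts(b"new-key", b"new-key", ex))
    print("one stale   :", responder_accepts(b"old-key", b"new-key", ex))
    ni, nr, _, _, cky_i, cky_r, _, _ = ex
    k1 = derive(b"new-key", ni, nr, os.urandom(128), cky_i, cky_r)
    k2 = derive(b"new-key", ni, nr, os.urandom(128), cky_i, cky_r)
    # Same negotiation key, different Diffie-Hellman secret: different SKEYID_e
    print("SKEYID_e differs:", k1[3] != k2[3])
```
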
Advanced VPN tab
The Advanced tab is used to set up advanced VPN options. Generally, the defaults do not need 
to be changed.
Figure 50: VPN Advanced tab
“Apply VPN to clients only” provides VPN access to users and ignores the site-to-site “mesh”, that is, the
relationships between security gateways. This is a usability feature that can be used in VPNs
with complex rules to mesh only the users.
In a normal VPN, the IP Groups are meshed together and the users are meshed with the 
groups. When the “Apply VPN to clients only” check box is checked, only the users are meshed.