SonicWALL 5.8.1 Manuale Utente
VPN > Settings
881
SonicOS 5.8.1 Administrator Guide
Step 4
In the IKE (Phase 1) Proposal section, use the following settings:
–
Select the DH Group from the DH Group menu.
Note
The Windows 2000 L2TP client and Windows XP L2TP client can only work with
DH Group 2. They are incompatible with DH Groups 1 and 5.
DH Group 2. They are incompatible with DH Groups 1 and 5.
–
Select 3DES, AES-128, or AES-256 from the Encryption menu.
–
Select the desired authentication method from the Authentication menu.
–
Enter a value in the Life Time (seconds) field. The default setting of 28800 forces the
tunnel to renegotiate and exchange keys every 8 hours.
tunnel to renegotiate and exchange keys every 8 hours.
Step 5
In the IPsec (Phase 2) Proposal section, select the following settings:
–
Select the desired protocol from the Protocol menu.
–
Select 3DES, AES-128, or AES-256 from the Encryption menu.
–
Select the desired authentication method from the Authentication menu.
–
Select Enable Perfect Forward Secrecy if you want an additional Diffie-Hellman key
exchange as an added layer of security. Select Group 2 from the DH Group menu.
exchange as an added layer of security. Select Group 2 from the DH Group menu.
Note
The Windows 2000 L2TP client and Windows XP L2TP client can only work with DH
Group 2. They are incompatible with DH Groups 1 and 5.
Group 2. They are incompatible with DH Groups 1 and 5.