Lucent Technologies 5800 Series 사용자 설명서

Digest 5.

–

SHA1:  Request AH encapsulation and authenticate using Secure 

Hashing Algorithm 1.

3. ESP Authentication Scheme:  Select which ESP message 

authentication to propose:

–

NONE:  Perform no message authentication.

–

MD5:  Perform message authentication using Message Digest 5.

–

SHA1:  Perform message authentication using Secure Hashing 

Algorithm 1.

4. ESP Encryption Scheme:  Select the encryption method (if any) to 

propose:

–

DES:  Use ESP encapsulation and 56-bit encryption.

–

3DES:  Use ESP encapsulation and three 56-bit keys to produce 

168-bit encryption.

–

NULL:  ESP encapsulation, but no data encryption.  ESP 

encapsulation enables verification of the source, but data is sent in 

the clear to increase throughput.

–

NONE:  No ESP encapsulation and no encryption is used.

5. IP Compression Method:  Select whether to propose LZS IP 

compression, or none.

6. Phase II Proposal Lifetime:  Enter the length of time to propose, as 

measured in seconds, before the IPSec SA expires.  The default setting 

is 1800 seconds.  Once this lifetime is elapsed, your router will 

renegotiate the IKE connection.

7. Phase II Proposal Data:  Enter the amount of data, as measured in 

kilobytes, before the IPSec SA terminates.  After the specified quantity 

of data has been transferred, your router will renegotiate the IKE 

connection.  If you use zero, the data quantity will be unlimited.  By 

setting a limit on the amount of data transferred, you can reduce the 

risk of a key becoming compromised.

8. Click on the Save IKE Settings button to save your IKE IPSec 

proposal definition and return to the home screen.