EnGenius Technologies ESR350 用户手册
101
SA (Security Association)
IKE (Internet Key Exchange) is configured in two negotiations.
Phase 1 authenticates the VPN Clients to each other by
confirming the matching Pre-Shared Key with the two gateways.
IPSec is the Phase 2 of the VPN process.
Phase 1 authenticates the VPN Clients to each other by
confirming the matching Pre-Shared Key with the two gateways.
IPSec is the Phase 2 of the VPN process.
Manually configuring a VPN tunnel profile.
IKE (Phase 1) Proposal
IKE (Phase 1) Proposal
Exchange: Click the drop-down menu to select the type of
exchange (Main Mode, Aggressive Mode).
exchange (Main Mode, Aggressive Mode).
DH Group: Click the drop-down menu to select the DH group
(group 1, group 2, group 5, group 14).
(group 1, group 2, group 5, group 14).
Encryption: Click the drop-down menu to select the type of
encryption (DES, 3DES, AES128, AES192, AES256).
encryption (DES, 3DES, AES128, AES192, AES256).
Authentication: Click the drop-down menu to select the
authentication protocol (MD5, SHA1).
authentication protocol (MD5, SHA1).
Life Time: Enter the life time value for Phase 1. The life time
value should be greater than Phase 2 (IPSec). 86400 sec. (1day)
is a common default and is a normal value for Phase 1.
value should be greater than Phase 2 (IPSec). 86400 sec. (1day)
is a common default and is a normal value for Phase 1.
IPSec (Phase 2) Proposal
Protocol: Click the drop-down menu to select the protocol type
(ESP, AH)
(ESP, AH)
Encryption: Click the drop-down menu to select the type of
encryption (DES, 3DES, AES128, AES192, AES256).
encryption (DES, 3DES, AES128, AES192, AES256).
Authentication: Click the drop-down menu to select the
authentication protocol (MD5, SHA1).
authentication protocol (MD5, SHA1).
Perfect Forward Secrecy (PFS): Select enable to enable PFS. A
fresh DH key is generated during IKE phase II and renewed for
each key exchange to eliminate dependencies between the
keys.
fresh DH key is generated during IKE phase II and renewed for
each key exchange to eliminate dependencies between the
keys.
DH Group: Click the drop-down menu to select the DH group
(group 1, group 2, group 5, group 14).
(group 1, group 2, group 5, group 14).
Life Time: Enter the life time value for Phase 2. The life time
value should be smaller than Phase 1 (IKE). 3600 sec. (1 hour)
is a common value for Phase 2.
value should be smaller than Phase 1 (IKE). 3600 sec. (1 hour)
is a common value for Phase 2.
Apply: Click Apply to save the changes.
Cancel: Click Cancel to delete the changes.
Cancel: Click Cancel to delete the changes.