Cisco RV042 Administration Guide - Page 134
Preshared Key, Advanced settings for IKE with, Required fields for Manual mode, Incoming - esp
UPC - 745883560530
View all Cisco RV042 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 134 highlights
VPN Setting Up a Gateway to Gateway (Site to Site) VPN 9 Preshared Key, page 135 and Advanced settings for IKE with Preshared Key, page 136. • Required fields for Manual mode Enter the settings for manual mode. Be sure to enter the same settings when configuring other router for this tunnel. The Incoming / Outgoing SPI settings must be mirrored on the other router. - Incoming / Outgoing SPI: The Security Parameter Index is carried in the ESP (Encapsulating Security Payload Protocol) header and enables the receiver and sender to select the security association, under which a packet should be processed. You can enter hexadecimal values from 100~ffffffff. Each tunnel must have a unique Incoming SPI and Outgoing SPI. No two tunnels share the same SPI. The Incoming SPI here must match the Outgoing SPI value at the other end of the tunnel, and vice versa. - Encryption: Select a method of encryption: DES or 3DES. This setting determines the length of the key used to encrypt or decrypt ESP packets. DES is 56-bit encryption and 3DES is 168-bit encryption. 3DES is recommended because it is more secure. - Authentication: Select a method of authentication: MD5 or SHA1. The authentication method determines how the ESP packets are validated. MD5 is a one-way hashing algorithm that produces a 128-bit digest. SHA1 is a one-way hashing algorithm that produces a 160-bit digest. SHA1 is recommended because it is more secure. Make sure that both ends of the VPN tunnel use the same authentication method. - Encryption Key: Enter a key to use to encrypt and decrypt IP traffic. If you selected DES encryption, enter 16 hexadecimal values. If you selected 3DES encryption enter 40 hexadecimal values. If you do not enter enough hexadecimal values, then zeroes will be appended to the key to meet the required length. - Authentication Key: Enter a key to use to authenticate IP traffic. If you selected MD5 authentication, enter 32 hexadecimal values. If you selected SHA1, enter 40 hexadecimal values. If you do not enter enough hexadecimal values, then zeroes will be appended to the key to meet the required length. Cisco Small Business RV0xx Series Routers Administration Guide 134