Cisco SRP521W-K9-G1 Administration Guide - Page 186

Configuring VPN IPSec Policy 7 STEP 6 Choose a policy type from the drop-down list. You can select from Auto or Manual. STEP 7 Enter the IPSec Policy settings as defined in the IPSec Policy Settings table. STEP 8 Click Submit to save your settings. The VPN policy appears in the List of IKE policies on the IKE Policy Add Entry page. IPSec Policy Settings General Settings Policy Name Enter a unique name for the VPN Policy. Policy Type Choose the policy type. Select from Auto Policy or Manual Policy. The Auto Policy uses the IKE protocol to negotiate random keys for more security. If you choose this option, you must also set an IKE policy on the Site to Site IPSec VPN > IKE Policy page The Manual Policy does not use IKE, which makes this policy more simple, but less secure. Remote Endpoint Choose how you want to identify the remote gateway for this site-to-site VPN tunnel. Select IP Address to enter an IP address, select FQDN to enter a Fully Qualified Domain Name, or select Any (available only for an Auto Policy). Be aware that an FQDN requires that the SRP can connect to a DNS server to resolve the address before establishing the VPN tunnel. Encryption Algorithm Choose the encryption algorithm. Select from DES (8 characters), 3DES (24 characters), AES-128 (16 characters) AES192 (24 characters) and AES256 (32 characters). Integrity Algorithm Choose an integrity algorithm. Select from MD5 (16 characters) or SHA-1 (20 characters). Cisco SRP500 Series Services Ready Platforms Administration Guide (SRP520 Models) 186