TP-Link TL-R600VPN TL-R600VPN V1 User Guide - Page 53
Encryption Algorithm, IKE Security Policy, PFS Group, Lifetime, Status, Security Protocol,
View all TP-Link TL-R600VPN manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 53 highlights
TL-R600VPN SafeStreamTM Gigabit Broadband VPN Router User Guide Encryption Algorithm: Select the Encryption Algorithm for IPsec policy. The default value is "Auto". IKE Security Policy: Select the IKE Security Policy for IPsec policy. PFS Group: Select the PFS (Perfect Forward Security) for IKE mode to enhance security. This setting should match the remote peer. With PFS feature, IKE negotiates to create a new key in Phase2. As it is independent of the key created in Phase1, this key can be secure even when the key in Phase1 is de-encrypted. Without PFS, the key in Phase2 is created based on the key in Phase1 and thus once the key in Phase1 is de-encrypted, the key in Phase2 is easy to be de-encrypted, in this case, the communication secrecy is threatened. Lifetime: Specify IPsec SA Lifetime for IKE mode. Status: Enable or disable the entry. z Manual Mode Security Protocol: Select the Security Protocol for IPsec. Authentication Algorithm: Select the Authentication Algorithm for IPsec policy. The default value is "SHA1". Encryption Algorithm: Select the Encryption Algorithm for IPsec policy. The default value is "AES256". Incoming SPI: Specify the Incoming SPI (Security Parameter Index) manually. The Incoming SPI here must match the Outgoing SPI value at the other end of the tunnel, and vice versa. In Authentication Specify the inbound AH Authentication Key manually if AH Key: protocol is used in the corresponding IPsec Proposal. The inbound key here must match the outbound AH 47