D-Link DFL-300 User Manual - Page 117

Adding the Autokey IKE, New Entry, VPN Auto Keyed Tunnel, Step 2, Preshare Key, ESP/AH

Get D-Link DFL-300 - Security Appliance PDF manuals and user guides
UPC - 790069240751
View all D-Link DFL-300 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 117 highlights

Adding the Autokey IKE: Step 1. Click the New Entry button and the VPN Auto Keyed Tunnel window will appear. Step 2: Preshare Key: The IKE VPN must be defined with a Preshared Key. The Key may be up to 128 bytes long. ESP/AH: The IP level security headers, AH and ESP, were originally proposed by the Networking Group focused on IP security mechanisms, IPSec. The term IPSec is used loosely here to refer to packets, keys, and routes that are associated with these headers. The IP Authentication Header (AH) is used to provide authentication. The IP Encapsulating Security Header (ESP) is used to provide confidentially to IP datagrams. ESP-Encryption Algorithm: The FIREWALL VPN ROUTER auto-selects 56 bit DES-CBC or 168-bit Triple DES-CBC encryption algorithm. The default algorithm is 168-bit Triple DES-CBC. ESP-Authentication Method: The FIREWALL VPN ROUTER autoselects MD5 or SHA-1 authentication algorithm. The default algorithm is MD5. IPSec Lifetime: New keys will be generated whenever the lifetime of the old keys is exceeded. The Administrator may enable this feature if needed and enter the lifetime in seconds to re-key. The default is 28800 seconds (eight hours). Selection of small values could lead - 117 -

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
Adding the Autokey IKE:
Step
1.
Click the
New Entry
button and the
VPN Auto Keyed Tunnel
window will appear.
Step 2:
±
Preshare Key:
The IKE VPN must be defined with a Preshared Key. The
Key may be up to 128 bytes long.
±
ESP/AH:
The IP level security headers, AH and ESP, were originally
proposed by the Networking Group focused on IP security
mechanisms, IPSec. The term IPSec is used loosely here to refer to
packets, keys, and routes that are associated with these headers.
The IP Authentication Header (AH) is used to provide authentication.
The IP Encapsulating Security Header (ESP) is used to provide
confidentially to IP datagrams.
±
ESP-Encryption Algorithm:
The FIREWALL VPN ROUTER auto-selects
56 bit DES-CBC or 168-bit Triple DES-CBC encryption algorithm.
The default algorithm is 168-bit Triple DES-CBC.
±
ESP-Authentication Method:
The FIREWALL VPN ROUTER auto-
selects MD5 or SHA-1 authentication algorithm. The default
algorithm is MD5.
±
IPSec Lifetime:
New keys will be generated whenever the lifetime of the
old keys is exceeded. The Administrator may enable this feature if
needed and enter the lifetime in seconds to re-key.
The default is
28800 seconds (eight hours).
Selection of small values could lead
- 117 -