Netgear FVG318 FVG318 Reference Manual - Page 112
Manual Policy Parameters, Encryption Key-In, Integrity Key-In, Field, Description
UPC - 606449041668
View all Netgear FVG318 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 112 highlights
ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual Table 6-1. VPN Manual and Auto Policy Configuration Fields (continued) Field Description Manual Policy Parameters The Manual Policy creates an SA (Security Association) based on static inputs SPI-Incoming; SPI-Outgoing Takes a hexadecimal value between 3 and 8 characters; for example: 0x1234 Encryption Algorithm: The algorithm used to encrypt the data: • Encryption Key-In: Encryption key of the inbound policy. The length of the key depends on the algorithm chosen. The length is in characters as follows: DES - 8 characters 3DES - 24 characters AES-128 - 16 characters AES-192 - 24 characters AES-256 - 32 characters • Encryption Key-Out: Encryption key of the outbound policy. The length of the key depends on the algorithm chosen. Lengths for the outbound policy encryption key are the same as for the inbound policy. Integrity Algorithm: Algorithm used to verify the integrity of the data. • Integrity Key-In: The integrity key (for Encapsulated Security Payload (ESP) with encryption mode) for the inbound policy and depends on the algorithm chosen: MD5 - 16 characters SHA-1 - 20 characters • Integrity Key-Out: The integrity key (for ESP with encryption mode) for the outbound policy and depends on the algorithm chosen. Lengths are the same as for the inbound mode. Auto Policy Parameters SA Life Time The duration of the Security Association before it expires. • Seconds - the amount of time before the SA expires. Over an hour is common (3600). • Kbytes - the amount of traffic before the SA expires. One of these can be set without setting the other. Encryption Algorithm The encryption algorithm used to encrypt the data: • DES - the default • 3DES - more secure Integrity Algorithm Algorithm used to verify the integrity of the data. The choices are: • MD5 - the default • SHA1 - more secure 6-6 Advanced Virtual Private Networking v1.0, September 2007