Netgear FVS318NA FVS318 Reference Manual - Page 71
Configuring a SA Using Manual Key Management, Table 6-1.
![]() |
UPC - 606449027969
View all Netgear FVS318NA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 71 highlights
Reference Manual for the Model FVS318 Broadband ProSafe VPN Firewall The Security Association IKE Aggressive Mode fields are defined in the following table. Table 6-1. Security Association Aggressive Mode Configuration Fields Field Description Secure Association Choose Aggressive Mode key exchange mode for this VPN tunnel: • IKE Main Mode -- the default. • IKE Aggressive Mode -- faster but less secure. • Manual Keys -- more control but more complex. Perfect Forward Secrecy Perfect Forward Secrecy (PFS) provides additional security by means of a shared secret value. With PFS, if one key is compromised, previous and subsequent keys are secure because they are not derived from previous keys. Encryption Protocol Longer keys are more secure but the throughput could be slower. • Null - Fastest but no security. • DES - The Data Encryption Standard (DES) processes input data that is 64 bits wide, encrypting these values using a 56 bit key. Faster but less secure than 3DES or AES. • 3DES - (Triple DES) achieves a higher level of security by encrypting the data three times using DES with three different, unrelated keys. • AES - 128, - 192, or - 256. Most secure. Advanced Encryption Standard is a symmetric 128-bit block data encryption technique. Key Group This setting determines the Diffie-Hellman group bit size used in the key exchange. This must match the value used on the remote gateway. Pre-Shared Key Specify the key. Any value is acceptable, provided the remote VPN endpoint has the same value in its Pre-Shared Key field. Key Life IKE Life Time The default is 3600 seconds (one hour). At the end of this time, the connection will drop, the security association will be re-established, and the connection will be reactivated. The default is 28800 seconds (eight hours). NETBIOS Enable If you need to run Microsoft networking functions such as Network Neighborhood, click the NETBIOS Enable check box. Configuring a SA Using Manual Key Management Click the VPN Settings link of the Setup section of the main menu, and then click the radio button of a VPN tunnel, and then click the Edit button and choose Aggressive Mode from the Security Association drop-down list to display the Manual Keys menu shown in Figure 6-5. Virtual Private Networking 6-7 M-10146-01
![](/manual_guide/products/netgear-fvs318-fvs318-reference-manual-f2cda2e/71.png)