Configuring VPN
Configuring Advanced VPN Parameters
Cisco RV215W Wireless-N VPN Firewall Administration Guide
Draft Version 1—Cisco Confidential
•
Integrity Algorithm—Select the algorithm used to verify the integrity of the
data:
-
MD5
-
SHA-1
-
SHA2-256
•
Key-In—Enter the integrity key (for ESP with Integrity-mode) for the
inbound policy. The length of the key depends on the algorithm chosen:
-
MD5—16 characters
-
SHA-1—20 characters
-
SHA2-256—32 characters
•
Key-Out—Enter the integrity key (for ESP with Integrity-mode) for the
outbound policy. The length of the key depends on the algorithm chosen, as
shown above.
For an Auto policy type, enter the settings in the Auto Policy Parameters section.
•
SA-Lifetime—Enter the duration of the Security Association in seconds.
After the specified number of seconds passes, the Security Association is
renegotiated. The default value is 3600 seconds. The minimum value is 300
seconds.
•
Encryption Algorithm—Select the algorithm used to encrypt the data.
•
Integrity Algorithm—Select the algorithm used to verify the integrity of the
data.
•
PFS Key Group—Check the Enable box to enable Perfect Forward
Secrecy (PFS) to improve security. While slower, this protocol helps to
prevent eavesdroppers by ensuring that a Diffie-Hellman exchange is
performed for every phase-2 negotiation.
•
Select IKE Policy—Choose the IKE policy that will define the
characteristics of phase 1 of the negotiation. Click View to view or edit the
existing IKE policy that is configured on the .
5
98