Manualshelf

- Foundry Router User Guide

ManualsBrandsFoundry Networks ManualsNetwork RouterAR1216
281282283284285286287288289290
Foundry AR-Series Router User Guide
15 - 62 © 2004 Foundry Networks, Inc. June 2004
Foundry IKE and IPSec Defaults
To minimize configuration required by the user, default IKE and IPSec values have been implemented in
Foundry’s encryption scheme. Foundry supports a maximum of 100 IPSec tunnels.
IKE Defaults
Table 15.5: lists IKE defaults. When the user creates an IKE policy specifying an IKE peer, an IKE proposal with
priority 1 is automatically created. However, to make the IKE policy fully functional, the user must enter a pre-
shared key.
Table 15.3: Authentication Algorithms
Authentication Algorithms for AH/
ESP
Hash Size
HMAC-MD5-96 96 bits
HMAC-HSHA1-96 96 bits
Table 15.4: Diffie-Hellman Groups
Diffie-Hellman Groups for
Authentication
Key Size
Group 1 768 bits
Group 2 1024 bits
Group 5 1536 bits
Table 15.5: IKE Default Values
Parameter Name Foundry Default
Value:
Site to Site
Foundry Default
Value:
Remote Access
Mode Main mode Aggressive mode
Perfect forward secrecy Disabled Disabled
Hash algorithm SHA1 SHA1
Encryption algorithm DES DES
Authentication method PreShared PreShared
DH Group Group 1 Group 1
Lifetime 86400 seconds 86400 seconds
Response type Initiator and responder Responder only