User`s manual
Version 5.4 129 May 2008
SIP User's Manual 3. Web-Based Management
Parameter Name Description
IKE Second Phase Parameters (Quick Mode)
SA Lifetime (sec)
[PsecPolicyLifeInSec]
Determines the time (in seconds) that the SA negotiated in the second
IKE session (quick mode) is valid. After the time expires, the SA is re-
negotiated.
The default value is 28,800 (i.e., 8 hours).
SA Lifetime (KB)
[IPSecPolicyLifeInKB]
Determines the lifetime (in kilobytes) that the SA negotiated in the
second IKE session (quick mode) is valid. After this size is reached, the
SA is re-negotiated.
The default value is 0 (i.e., this parameter is ignored).
These lifetime parameters [SA Lifetime (sec) and SA Lifetime (KB)] determine the duration for which
an SA is valid. When the lifetime of the SA expires, it is automatically renewed by performing the IKE
second phase negotiations. To refrain from a situation where the SA expires, a new SA is negotiated
while the old one is still valid. As soon as the new SA is created, it replaces the old one. This
procedure occurs whenever an SA is about to expire.
First to Fourth Proposal
Encryption Type
[IPSecPolicyProposalEncr
yption_X]
Determines the encryption type used in the quick mode negotiation for
up to four proposals. For the ini file parameter, X depicts the proposal
number (0 to 3)).
The valid encryption values are:
[0] None = No encryption
[1] DES-CBC
[2] Triple DES-CBC
[3] AES-CBC
Not Defined (default)
First to Fourth Proposal
Authentication Type
[IPSecPolicyProposalAuth
entication_X]
Determines the authentication protocol used in the quick mode
negotiation for up to four proposals. For the ini file parameter, X depicts
the proposal number (0 to 3).
The valid authentication values are:
[2] HMAC-SHA-1-96
[4] HMAC-MD5-96
Not Defined (default)