System information
B&B Electronics, Inc. SPECTRE Configuration Manual
42
SPECTRE_Configuration_Manual_2912m
www.bb-elec.com
www.bb-europe.com
but encryption will set permanently on 3DES-MD5.
Authenticate Mode
Defines the authentication mode:
Pre-shared key - shared key for both sides.
X.509 Certificate -
Pre-shared Key
Shared key for both sides of the tunnel
CA Certificate
This certificate is necessary for Authentication mode x.509.
Remote Certificate
This certificate is necessary for Authentication mode x.509.
Local Certificate
This certificate is necessary for Authentication mode x.509.
Local Private Key
This private key is necessary for Authentication mode x.509.
Local Passphrase
This Local Passphrase is necessary for Authentication mode x.509.
Extra Options
Use this parameter to define additional parameters of the IPsec
tunnel, for example security parameters etc.
Table 30: IPsec tunnel configuration
The certificates and private keys have to be in PEM format.
The random time, after which it will exchange new keys, is defined as follows:
Lifetime - (Rekey margin + random value in range (from 0 to Rekey margin * Rekey Fuzz/100))
By default, the time for the exchange of keys is between:
Minimum time: 1h - (9m + 9m) = 42m
Maximum time: 1h - (9m + 0m) = 51m
In most cases, the settings should be left at their default values.