Operation Manual
Exchange Mode: The IKE protocol has two modes of negotiating phase 1 – Main (also called Identity Protection) and
Aggressive.
In Main mode, IKE separates the key information from the identities, allowing for the identities of peers to be secure
at the expense of extra packet exchanges.
In Aggressive mode, IKE tries to combine as much information as possible into fewer packets while maintaining security.
Aggressive mode is slightly faster but less secure.
Because it has better security, Main mode is recommended for most users.
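The following is an added example, not part of the original manual: a Python check that a monitoring sensor could run on a captured phase 1 packet to tell which exchange mode a peer used and whether its identity was readable on the wire. The function names and sample messages are constructed for illustration; the header layout, exchange type values, and payload type numbers are those of RFC 2408.

```python
import struct

# Exchange type values from RFC 2408; Main mode is "Identity Protection".
EXCHANGE = {2: "main", 4: "aggressive"}
ID_PAYLOAD = 5         # Identification payload type
FLAG_ENCRYPTED = 0x01  # header flag: everything after the header is encrypted

def inspect_phase1(msg: bytes) -> dict:
    """Classify an IKEv1 message and return any identity readable on the wire."""
    if len(msg) < 28:
        raise ValueError("shorter than the 28-byte ISAKMP header")
    # 16 cookie bytes, then next payload, version, exchange type, flags, ID, length.
    nxt, version, xchg, flags, _msg_id, length = struct.unpack("!16xBBBBII", msg[:28])
    if version != 0x10 or length != len(msg):
        raise ValueError("not a well-formed IKEv1 message")
    result = {"mode": EXCHANGE.get(xchg, "other"), "cleartext_id": None}
    if flags & FLAG_ENCRYPTED:
        return result  # e.g. Main mode message 5, where the identity travels
    offset = 28
    while nxt != 0:  # walk the chain of generic payload headers
        if offset + 4 > len(msg):
            raise ValueError("truncated payload header")
        following, _reserved, plen = struct.unpack("!BBH", msg[offset:offset + 4])
        if plen < 4 or offset + plen > len(msg):
            raise ValueError("bad payload length")
        if nxt == ID_PAYLOAD and plen >= 8:
            # Skip the 4-byte generic header and 4-byte ID type/protocol/port.
            result["cleartext_id"] = msg[offset + 8:offset + plen]
        nxt, offset = following, offset + plen
    return result

def build_sample(xchg: int, payloads: list) -> bytes:
    """Build a constructed test message from (payload_type, body) pairs."""
    types = [t for t, _ in payloads] + [0]
    body = b"".join(struct.pack("!BBH", types[i + 1], 0, 4 + len(b)) + b
                    for i, (_, b) in enumerate(payloads))
    header = struct.pack("!8s8sBBBBII", b"\x11" * 8, b"\x00" * 8,
                         types[0], 0x10, xchg, 0, 0, 28 + len(body))
    return header + body

# Constructed samples: bodies are placeholders, not real proposals or keys.
MAIN_MSG1 = build_sample(2, [(1, b"\x00" * 8)])                  # HDR, SA
AGGRESSIVE_MSG1 = build_sample(4, [                               # HDR, SA, KE, Ni, IDii
    (1, b"\x00" * 8), (4, b"\xaa" * 16), (10, b"\xbb" * 16),
    (5, b"\x02\x00\x00\x00" + b"branch-gw.example")])            # ID type 2 = FQDN

if __name__ == "__main__":
    for name, msg in (("main", MAIN_MSG1), ("aggressive", AGGRESSIVE_MSG1)):
        print(name, inspect_phase1(msg))
```

The first Main mode message carries only the SA proposal, so no identity is reported, while the first Aggressive mode message already contains the initiator's identity unencrypted.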
Key Lifetime: The lifetime of the keys generated in phase 1 of the IPsec negotiation by IKE. After this time has
expired, IKE will renegotiate a new set of phase 1 keys.
Encryption, Hash, and DH Groups
Each IKE exchange uses one encryption algorithm, one hash function, and one DH group to make a secure exchange.
Encryption: Used to encrypt messages sent and received by IPsec.
AES 128
AES 256
DES
3DES
Hash: Used to compare, authenticate, and validate that data across the VPN arrives in its intended form and to derive
keys used by IPsec.
MD5