Manualshelf

Operation Manual

ManualsBrandsCradlepoint ManualscomputerAER3100
151152153154155156157158159160
SHA1
SHA2 256
SHA2 384
SHA2 512
Note that some Encryption/Hash combinations (e.g., 3DES with SHA2 384/512) are computationally expensive,
impacting WAN performance. AES is as strong an encryption and performs much better than 3DES.
DH Groups: The DH (Diffie-Hellman) Group is a property of IKE and is used to determine the length of prime numbers
associated with key generation. The strength of the key generated is partially determined by the strength of the DH
Group. Group 5, for instance, has greater strength than Group 2.
Group 1: 768-bit key
Group 2: 1024-bit key
Group 5: 1536-bit key
In IKE Phase 1 you can only select one DH group if you are using Aggressive exchange mode.
By default, all the algorithms (encryption, hash, and DH groups) supported by the device are checked, which means they
are allowed for any given exchange. Deselect these options to limit which algorithms will be accepted. Be sure to check
that the router (or similar device) at the other end of the tunnel has matching algorithms.
The algorithms are listed in order by priority. You can reorder this priority list by clicking and dragging algorithms up or
down. Any selected algorithm may be used for IKE exchange, but the algorithms on the top of the list are more likely to
be used more often.
Add/Edit Tunnel – IKE Phase 2
157