Network Router User Manual
99
Encryption EVR100 supports DES, 3DES, AES128, AES192, AES256 encryption methods for traffic through
the VPN.
Authentication EVR100 supports SHA1, MD5 methods for authentication.
Life Time Enter the number of seconds for the IKE Lifetime. The period of time to pass before establishing a
new IKE security association (SA) with the remote endpoint. The default value is 28800.
IPSec (Phase 2) Proposal
Protocol Select ESP (Encapsulating Security Payload) or AH (Authentication Header) for traffic through the
VPN.
• AH (Authentication Header) to provide connectionless integrity and data origin
authentication for IP datagrams and to provide protection against replay attacks.
• ESP (Encapsulating Security Payload) to provide confidentiality, data origin authentication,
connectionless integrity, an anti-replay service (a form of partial sequence integrity), and
limited traffic flow confidentiality.
Encryption EVR100 supports DES, 3DES, AES128, AES192, AES256 encryption methods for traffic through
the VPN.
Authentication EVR100 supports SHA1, MD5 methods for authentication.
Perfect Forward
Secrecy
Select Enable or Disable to enable or disable PFS (Perfect Forward Secrecy). PFS is an additional
security protocol.
DH Group Select a PFS DH Group from the drop-down menu (Group 1, Group2, Group5, Group14). As the
DH Group number increases, the higher the level of encryption implemented for PFS.
Life Time Enter the number of seconds for the IPSec Lifetime. The period of time to pass before establishing
a new IPSec security association (SA) with the remote endpoint. The default value is 28800.