F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices VPN Configuration Guide-6PW100
425
Item Descri
p
tion
Phase 2
Security
Protocol
Select the security protocols to be used.
• ESP—Uses the ESP protocol.
• AH—Uses the AH protocol.
• AH-ESP—Uses ESP first and then AH.
AH
Authentication
Algorithm
Select an authentication algorithm for AH when you select AH or AH-ESP for
Security Protocol.
Available authentication algorithms include MD5 and SHA1.
ESP
Authentication
Algorithm
Select an authentication algorithm for ESP when you select ESP or AH-ESP for
Security Protocol.
You can select MD5 or SHA1. If you do not select any authentication
algorithm, ESP performs no authentication.
IMPORTANT:
The ESP authentication algorithm and ESP encryption algorithm cannot both be
null.
ESP Encryption
Algorithm
Select an encryption algorithm for ESP when you select ESP or AH-ESP for
Security Protocol.
• 3DES—Uses the 3DES algorithm and a 168-bit key for encryption.
• DES—Uses the DES algorithm and a 56-bit key for encryption.
• AES128—Uses the AES algorithm and a 128-bit key for encryption.
• AES192—Uses the AES algorithm and a 192-bit key for encryption.
• AES256—Uses the AES algorithm and a 256-bit key for encryption.
• If you do not select any encryption algorithm, ESP performs no encryption.
IMPORTANT:
• Higher security means more complex implementation and lower speed.
DES is enough to meet general requirements. Use 3DES when high
confidentiality and security are required.
• The ESP authentication algorithm and ESP encryption algorithm cannot
both be null.
Encapsulation
Mode
Select the IP packet encapsulation mode.
• Tunnel—Uses the tunnel mode.
• Transport—Uses the transport mode.