User`s manual
Industrial Secure Router User's Manual Virtual Private Network (VPN)
9-6
MD5
SHA1
SHA256
DH Group
Setting Description Factory Default
DH1(modp 768)
DH2(modp 1024)
DH5(modp 1536)
DH14(modp 2048)
Diffie-Hellman groups
(the Key Exchange group between the Remote and VPN
Gateways)
DH2(modp 1024)
Negotiation Time
Setting
Description
Factory Default
Negotiation time The number of allowed reconnect times when startup mode is
initiated. If the number is 0, this tunnel will always try
connecting to the remote gateway when the VPN
tunnel is not
created successfully.
0
IKE Lifetime
Setting Description Factory Default
IKE lifetime (hours) Lifetime for IKE SA 1 (hr)
Rekey Expire Time
Setting Description Factory Default
Rekey expire time
(minutes)
Start to Rekey before IKE lifetime expired 9 (min)
Rekey Fuzz Percent
Setting Description Factory Default
0-100 (%) The rekey expire time will change randomly to enhance the
security.
Rekey fuzz percent is the maximum random change margin of
the Rekey expire time.
100% means the rekey expire time will not change randomly.
100 (%)
Data Exchange (IPSec phase II)
Perfect Forward Secrecy
Setting Description Factory Default
Enable or Disable Uses different security key for different IPSec phases to
enhance security
Disable
SA Lifetime
Setting Description Factory Default
SA lifetime (minutes) Lifetime for SA in Phase 2 480 (min)
Encryption Algorithm
Setting Description Factory Default
DES
3DES
Encryption Algorithm in data exchange 3DES