Manualshelf

User manual

ManualsBrandsSecure Computing ManualsComputer equipmentSG550
221222223224225226227228229230
Virtual Private Networking
217
Down indicates that the tunnel is not being negotiated. This may be due to the
following reasons:
o IPSec is disabled.
o The tunnel is disabled.
o The tunnel could not be loaded due to misconfiguration.
Negotiating Phase 1 indicates that IPSec is negotiating Phase 1 to establish the
tunnel. Aggressive or Main mode packets (depending on tunnel configuration)
are transmitted during this stage of the negotiation process.
Negotiating Phase 2 indicates that IPSec is negotiating Phase 2 to establish the
tunnel. Quick mode packets are transmitted during this stage of the negotiation
process.
Running indicates that the tunnel has been established.
Tunnels that use Manual Keying are in either a Down or Running state.
For tunnels that use Automatic Keying, further negotiation details can be seen by clicking
on the status. A window similar to the following is displayed.
Interfaces Loaded lists the SG unit's interfaces which IPSec is using.
Phase 2 Ciphers Loaded lists the encryption ciphers that tunnels can be configured with
for Phase 2 negotiations. This includes DES, 3DES and AES.
Phase 2 Hashes Loaded lists the authentication hashes that tunnels can be configured
with for Phase 2 negotiations. This includes MD5 and SHA1 (otherwise known as SHA).
Phase 1 Ciphers Loaded lists the encryption ciphers that tunnels can be configured with
for Phase 1 negotiations. This includes DES, 3DES and AES.