tainy hmod-v3-io, tainy hmod-l3-io - Dr. Neuhaus ...
tainy hmod-v3-io, tainy hmod-l3-io - Dr. Neuhaus ...
tainy hmod-v3-io, tainy hmod-l3-io - Dr. Neuhaus ...
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
VPN Standard Mode<br />
Edit IKE<br />
VPN connect<strong>io</strong>ns<br />
Funct<strong>io</strong>n Here you can define the properties of the VPN connect<strong>io</strong>n according to your<br />
requirements and what you have agreed with the system administrator of the<br />
remote stat<strong>io</strong>n.<br />
ISAKMP-SA encrypt<strong>io</strong>n<br />
IPsec-SA encrypt<strong>io</strong>n<br />
ISAKMP-SA hash<br />
IPsec-SA hash<br />
Agree with the administrator of the remote stat<strong>io</strong>n which encrypt<strong>io</strong>n method<br />
will be used for the ISAKMP-SA and the IPsec-SA. The TAINY xMOD-V3-IO<br />
supports the following methods:<br />
� 3DES-192<br />
� AES-128<br />
� AES-192<br />
� AES-256<br />
AES-128 is the most frequently used method, and is therefore set as the<br />
default.<br />
The method can be defined differently for ISAKMP-SA and IPsec-SA.<br />
Note:<br />
The more bits in the encrypt<strong>io</strong>n algorithm - indicated by the appended<br />
number - the more secure it is. The method AES-256 is therefore considered<br />
the most secure. However, the longer the key, the more time the encrypt<strong>io</strong>n<br />
process takes and the more computing power is required.<br />
Agree with the administrator of the remote stat<strong>io</strong>n which method will be used<br />
for computing checksums/hashes during the ISAKMP phase and the IPsec<br />
phase. The following select<strong>io</strong>ns are available:<br />
� MD5 or SHA-1 (automatic detect<strong>io</strong>n)<br />
� MD5<br />
� SHA-1<br />
The method can be defined differently for ISAKMP-SA and IPsec-SA.<br />
ISAKMP-SA mode Agree with the administrator of the remote stat<strong>io</strong>n which method will be used<br />
for negotiating the ISAKMP-SA. The following select<strong>io</strong>ns are available:<br />
� Main mode<br />
� Aggressive mode<br />
DH/PFS group Agree with the administrator of the remote stat<strong>io</strong>n the DH group for the key<br />
exchange.<br />
TAINY xMOD Page 69 of 111