Chapter 12 IPSec VPN
P-2812HNU-51c User’s Guide
265
Local ID Type Select IP to identify this P-2812HNU-51c by its IP address.
Select DNS to identify this P-2812HNU-51c by a domain name.
Select E-mail to identify this P-2812HNU-51c by an e-mail address.
Select ASN1DN (Abstract Syntax Notation one - Distinguished Name)
to identify the remote IPSec router by the subject field in a certificate.
This is used only with certificate-based authentication.
Local ID Content When you select IP in the Local ID Type field, type the IP address of
your computer in the Local ID Content field.
When you select DNS or E-mail in the Local ID Type field, type a
domain name or e-mail address by which to identify this P-2812HNU-
51c in the Local ID Content field. Use up to 31 ASCII characters
including spaces, although trailing spaces are truncated. The domain
name or e-mail address is for identification purposes only and can be
any string.
Peer ID Type Select IP to identify the remote IPSec router by its IP address.
Select DNS to identify the remote IPSec router by a domain name.
Select E-mail to identify the remote IPSec router by an e-mail
address.
Select ASN1DN (Abstract Syntax Notation one - Distinguished Name)
to identify the remote IPSec router by the subject field in a certificate.
This is used only with certificate-based authentication.
Content The configuration of the peer content depends on the peer ID type.
For IP, type the IP address of the computer with which you will make
the VPN connection.
For DNS or E-mail, type a domain name or e-mail address by which to
identify the remote IPSec router. Use up to 31 ASCII characters
including spaces, although trailing spaces are truncated. The domain
name or e-mail address is for identification purposes only and can be
any string.
Phase 1/Phase 2
Mode Select Main or Aggressive from the drop-down list box. Multiple SAs
connecting through a secure gateway must have the same negotiation
mode.
Encryption
Algorithm
Select DES, 3DES, AES-128, ES-192 or AES-256 from the drop-
down list box.
When you use one of these encryption algorithms for data
communications, both the sending device and the receiving device
must use the same secret key, which can be used to encrypt and
decrypt the message or to generate and verify a message
authentication code. The DES encryption algorithm uses a 56-bit key.
Triple DES (3DES) is a variation on DES that uses a 168-bit key. As a
result, 3DES is more secure than DES. It also requires more
processing power, resulting in increased latency and decreased
throughput. This implementation of AES uses a 128-bit, 192-bit or
256-bit key. AES is faster than 3DES.
Table 75 Security > IPSec VPN > IPSec Setting > Manual (continued)
LABEL DESCRIPTION
