Encryption |
Select the AES algorithms key from the drop-down list, to encrypt data. If you do not want to encrypt the data, select Null. The default value is AES 128. |
DH Group |
Select the Diffie-Hellman (DH) Group algorithm to be used when exchanging the pre-shared key. The DH Group sets the strength of the algorithm in bits. The supported DH Groups are 2, 5, 14, 15, and 16. It is recommended to use DH Group 14. |
PFS |
Select the Perfect Forward Secrecy (PFS) level for additional security. The supported PFS levels are 2, 5, 14, 15, and 16. The default value is deactivated. |
Hash |
Select the authentication algorithm for the VPN header from the drop-down list. The following Secure Hash Algorithm (SHA) options are available:
- SHA 1
- SHA 256
- SHA 384
- SHA 512
The default value is SHA 256. |
IKE SA Lifetime(min) |
Enter the IKE SA lifetime in minutes. The rekeying should be initiated for Edges before the time expires. The range is from 10 to 1440 minutes. The default value is 1440 minutes. |
IPsec SA Lifetime(min) |
Enter the IPsec SA lifetime in minutes. The rekeying should be initiated for Edges before the time expires. The range is from 3 to 480 minutes. The default value is 480 minutes. |
DPD Timeout Timer(sec) |
Enter the maximum time that the device should wait to receive a response to a DPD message before considering the peer as dead. The default value is 20 seconds. You can deactivate the DPD by configuring the DPD timeout timer as Zero (0). |