beautypg.com

Siemens se5880 User Manual

Page 75

background image

SIEMENS se5880 Ethernet Security Router
User’s Guide

Chapter 6 Security Setup

IKE/IPSec Configuration

SIEMENS

69

5. From the ESP Encryption Type drop-down menu, select one of the following to specify the algorithm to

use to encrypt ESP IPSec packets:

DES: Encrypts using a 56-bit key.

3DES: Encrypts using three 56-bit keys to produce 168-bit encryption.

NULL: ESP encapsulation, but no data encryption. ESP encapsulation verifies the source, but data is
sent in the clear to increase throughput.

NONE: No ESP encapsulation and no encryption is used.

6. From the IP Compression Method drop-down menu, select one of the following to specify the algorithm to

to use to compress IPSec packets: LZS IP compression or None.

7. In Phase II Proposal Lifetime, enter the number of seconds after the IPSec SA expires. The default is

1800 seconds. Once this time is elapsed, the system will renegotiate the IKE connection.

8. In Phase II Proposal Life Data, enter the amount of data, measured in kilobytes, before the IPSec SA

terminates. After the specified quantity of data has been transferred, the system will renegotiate the IKE
connection. If zero is entered, the data quantity will be unlimited. By setting a limit on the amount of data
transferred, the risk of a key becoming compromised is reduced.

9. Click Apply.