B&B Electronics RT3G-300_310_320_330_340-W - Configuration Manual User Manual

B&B Electronics, Inc.

SPECTRE Configuration Manual

42

SPECTRE_Configuration_Manual_2912m

www.bb-elec.com

www.bb-europe.com

but encryption will set permanently on 3DES-MD5.

Authenticate Mode

Defines the authentication mode:

Pre-shared key - shared key for both sides.
X.509 Certificate -

Pre-shared Key

Shared key for both sides of the tunnel

CA Certificate

This certificate is necessary for Authentication mode x.509.

Remote Certificate

This certificate is necessary for Authentication mode x.509.

Local Certificate

This certificate is necessary for Authentication mode x.509.

Local Private Key

This private key is necessary for Authentication mode x.509.

Local Passphrase

This Local Passphrase is necessary for Authentication mode x.509.

Extra Options

Use this parameter to define additional parameters of the IPsec
tunnel, for example security parameters etc.

Table 30: IPsec tunnel configuration

The certificates and private keys have to be in PEM format.

The random time, after which it will exchange new keys, is defined as follows:

Lifetime - (Rekey margin + random value in range (from 0 to Rekey margin * Rekey Fuzz/100))

By default, the time for the exchange of keys is between:

Minimum time:

1h - (9m + 9m) = 42m

Maximum time:

1h - (9m + 0m) = 51m

In most cases, the settings should be left at their default values.