AirLive IP-2000VPN User Manual
Page 65
AirLive IP-2000VPN User’s Manual
62
Manually assigned Keys
AH Authentication
AH (Authentication Header) specifies the authentication protocol for the VPN
header, if used. (AH is often NOT used)
If AH is not enabled, the following settings can be ignored.
Keys
• The "in" key here must match the "out" key on the remote VPN, and the "out"
key here must match the "in" key on the remote VPN.
• Keys can be in ASCII or Hex (0 ~ 9 A ~ F)
• For MD5, the keys should be 32 hex/16 ASCII characters.
• For SHA-1, the keys should be 40 hex/20 ASCII characters.
SPI
• Each SPI (Security Parameter Index) must be unique.
• The "in" SPI here must match the "out" SPI on the remote VPN, and the "out"
SPI here must match the "in" SPI on the remote VPN.
• Each SPI should be at least 3 characters.
ESP Encryption
ESP (Encapsulating Security Payload) provides security for the payload (data)
sent through the VPN tunnel. Generally, you will want to enable both Encryption
and Authentication.
Encryption Algorithm
• The 3DES algorithm provides greater security than DES, but is slower.
• If using AES, you must select the Key Size. If using DES or 3DES, this field is
ignored.
Key - In / Key - Out
• The "In" key here must match the "Out" key on the remote VPN, and the
"Out" key here must match the "In" key on the remote VPN.
• For DES, keys should be 8 ASCII characters (16 HEX chars).
• For 3DES, keys should be 24 ASCII characters (48 HEX chars).
• If using AES encryption, the key input size must match the Key Size selected
above.
ESP
Authentication
Generally, you should enable ESP Authentication. There is little difference
between the available algorithms. Just ensure each endpoint use the same
setting.
• The "In" key here must match the "Out" key on the remote VPN, and the
"Out" key here must match the "In" key on the remote VPN.
• Keys can be in ASCII or Hex (0 ~ 9 and A ~ F)
• For MD5, the keys should be 32 hex/16 ASCII characters.
• For SHA-1, the keys should be 40 hex/20 ASCII characters.