Westermo MRD-3x0 User Manual

126

6623-3201

Phase 2 Configuration

Phase 2 establishes the IPsec Security Associations (SA) 
parameters in order to establish an IPsec tunnel. Phase 2 has 
one mode called Quick mode, it starts after IKE has started 
a secure tunnel in phase 1. Quick mode is also used to re-
negotiate a new IPsec SA when the current IPsec SA lifetime 
expires.

The phase 2 options are:

ESP proposal
Encapsulating Security Payload (ESP) is used to encrypt the 
data transmitted in IP datagrams. The proposal establishes the 
Encryption algorithm and Authentication protocol to use.

Encryption Algorithm

•

Select the encryption algorithm from the drop-
down list, the options are: 
AES (128) 128 bit Advanced Encryption 
Standard (AES). 
AES (256) 256 bit Advanced Encryption 
Standard (AES). 
3DES Triple Data Encryption Standard (3DES). 
Blowfish (128) 128 bit blowfish. 
Blowfish (256) 256 bit blowfish.

Authentication Algorithm

•

Select the authentication algorithm from the 
drop-down list, the options are: 
MD5 Message-Digest algorithm 5. 
SHA1 Secure Hash Algorithm.