Westermo RedFox Series User Manual

Westermo OS Management Guide

Version 4.17.0-0

Continued from previous page

ESP
Encryption,
Authentication
& DH-Group

Configure the encryption algorithm, message authentica-
tion algorithm, and the Diffie-Hellman group to use for
the ESP handshake and PFS.
This option is only possible to set if the ESP Auto check-
box is un-checked.

PFS

Enable the Perfect Forward Secrecy (PFS) extension. PFS
uses Diffie-Hellman for key exchange. The DH group is
configured together with the ESP settings.

IKE Lifetime(s)

The maximum lifetime of the IKE (Phase 1) SA in seconds.
Default is 3600 (1h).

SE Lifetime(s)

The maximum lifetime of the ESP (Phase 2) SA in sec-
onds. Default is 28800 (8h).

816

➞ 2015 Westermo Teleindustri AB