DSL-G804V Wireless ADSL Router User’s Guide
Parameter
Description
Authentication Type
Authentication establishes the integrity of the datagram and ensures it is not
tampered with in transmit. There are three options, Message Digest 5 (
MD5
),
Secure Hash Algorithm (
SHA1
) or
NONE
. SHA-1 is more resistant to brute-
force attacks than MD5, however it is slower.
Encryption
Select the encryption method from the pull-down menu. There are several
options,
DES
,
3DES
,
AES (128, 192 and 256)
and
NULL
. NULL means it is a
tunnel only with no encryption. 3DES and AES are more powerful but increase
latency.
Perfect Forward
Secrecy
Choose whether to enable PFS using Diffie-Hellman public-key cryptography
to change encryption keys during the second phase of VPN negotiation. This
function will provide better security, but extends the VPN negotiation time.
Diffie-Hellman is a public-key cryptography protocol that allows two parties to
establish a shared secret over an unsecured communication channel (i.e. over
the Internet). There are three modes, MODP 768-bit, MODP 1024-bit and
MODP 1536-bit. MODP stands for Modular Exponentiation Groups.
Pre-shared Key
This is for the Internet Key Exchange (IKE) protocol, a string from 4 to 128
characters. Both sides should use the same key. IKE is used to establish a
shared security policy and authenticated keys for services (such as IPSec) that
require a key. Before any IPSec traffic can be passed, each router must be
able to verify the identity of its peer. This can be done by manually entering the
pre-shared key into both sides (router or hosts).
Click
Apply
to save the setting
.
52