Configuration
SINAUT MD740-1
43 von 105
File 3172AD001_V1_1_060206.doc
File saved
06.02.2006
File printed
06.02.2006
State Freigabe
Autor Pauluhn
Consequence: the screen illustrated below appears:
2. Enter the agreed sequence of characters in the field
Pre-
Shared Secret Key (PSK)
. To obtain security
comparable to 3DES, the sequence of characters should
consists of approx. 30 randomly selected lower and
upper case characters and numerals.
3. Click on
Back
.
!
Pre-Shared Secret Key
cannot be used with dynamic
(%any) IP addresses; only fixed IP addresses or hostnames
on both sides are supported.
ISAKMP SA (Key Exchange)
Encryption algorithm
!
Agree with the administrator of the remote site as to
which encryption method is to be used.
3DES-168 is the most commonly used method and is
therefore preset as the standard.
Basically, the following applies: the more bits an encryption
algorithm has – indicated by the number shown – the more
secure it is. The relatively new AES-256 method is therefore
considered to be the safest, but it is not yet so widespread.
The longer the key, the more time-consuming the encryption
process. This aspect is of no consequence to the
SINAUT MD740-1 because it works with hardware-based
encryption technology. Nevertheless, this aspect could be
significant for the remote site.
The selectable algorithm marked "Zero" contains no
encryption at all.
Checksum algorithm/Hash
Leave the setting on
All algorithms
. Then it makes no
difference whether the remote site works with MD5 or
SHA-1.
IPsec SA (data exchange)
Unlike ISAKMP SA (Key Exchange) (see above) the method