NETGEAR FVG318 Reference Manual page 112

ProSafe 802.11g Wireless VPN Firewall FVG318 Reference Manual
Table 6-1. VPN Manual and Auto Policy Configuration Fields (continued)
Field
Manual Policy Parameters
SPI-Incoming; SPI-Outgoing Takes a hexadecimal value between 3 and 8 characters; for example:
Encryption Algorithm:
Integrity Algorithm:
Auto Policy Parameters
SA Life Time
Encryption Algorithm
Integrity Algorithm
6-6
Description
The Manual Policy creates an SA (Security Association) based on static
inputs
0x1234
The algorithm used to encrypt the data:
• Encryption Key-In: Encryption key of the inbound policy. The length of
the key depends on the algorithm chosen. The length is in characters
as follows:
DES – 8 characters
3DES – 24 characters
AES-128 – 16 characters
AES-192 – 24 characters
AES-256 – 32 characters
• Encryption Key-Out: Encryption key of the outbound policy. The
length of the key depends on the algorithm chosen. Lengths for the
outbound policy encryption key are the same as for the inbound policy.
Algorithm used to verify the integrity of the data.
• Integrity Key-In: The integrity key (for Encapsulated Security Payload
(ESP) with encryption mode) for the inbound policy and depends on
the algorithm chosen:
MD5 – 16 characters
SHA-1 – 20 characters
• Integrity Key-Out: The integrity key (for ESP with encryption mode)
for the outbound policy and depends on the algorithm chosen. Lengths
are the same as for the inbound mode.
The duration of the Security Association before it expires.
• Seconds — the amount of time before the SA expires. Over an hour is
common (3600).
• Kbytes — the amount of traffic before the SA expires.
One of these can be set without setting the other.
The encryption algorithm used to encrypt the data:
• DES – the default
• 3DES – more secure
Algorithm used to verify the integrity of the data. The choices are:
• MD5 – the default
• SHA1 – more secure
v1.0, September 2007
Advanced Virtual Private Networking