Filter
Top Products
set vpn
240 Chapter 2 Command Descriptions
authentication={none|md5|sha1}
The authentication algorithm used in authenticating clients.
none
No authentication. No authentication can be used to save time and
CPU cycles. It is not as secure, but the peers were authenticated in
phase 1.
md5
MD5 authentication, which uses 128-bit keys.
sha1
SHA1 authentication, which uses 160-bit keys.
encryption={none|des|3des|aes}
The encryption algorithm used for encrypting data.
none
No encryption is used. One use of IPsec is to tie to private networks
together. If security is not a major concern, encryption can be
disabled to save on processing and overhead.
des
DES encryption, which uses 64-bit keys.
3des
3-DES encryption, which uses 192-bit keys.
aes
AES encryption, which uses either 128-bit, 192-bit, or 256-bit keys
depending on the negotiated security settings.
sa_lifetime=60-2^32
Determines how long a Security Association (SA) policy is active, in
seconds. After the SA has been negotiated, the SA lifetime begins.
Once the lifetime has completed, a new set of SA policies are
negotiated with the remote VPN endpoint.
sa_lifetime_data=(0 - 2^32) (kilobytes)
The amount of data, in bytes or kilobytes, that is sent and received until
the SA is renegotiated. This value is analogous to the SA lifetime. Also
known as SA life size.
See also • "display" on page 27. The “display sadb,” “display sp,” and “display vpn”
commands display VPN-related connection and status information.
• "revert" on page 61. The “revert vpn” options revert groups of VPN
settings, or all VPN settings.
• "show" on page 249.
• "vpn" on page 256. The “vpn” command is used to manage and display
the status of VPN tunnels.
• The VPN settings in the Web user interface (Network > Virtual Private
Network (VPN) Settings) and the online help for these settings.
• The Digi Cellular Family User’s Guide section titled “Virtual Private
Network (VPN) Settings.”