Filter
Top Products
Configuring a security policy on the Soft-PK
4-16 Installing and Working with Soft-PK
a.
Select the authentication method for this connection.
If using shared password: Click Pre-Shared Key and enter the
shared password.
If using digital certificates: Select the personal certificate
previously imported from the drop-down list. Notice the ID Type
automatically changes to Distinguished Name.
b. In the Internet Interface selection drop-down box, specify which
interface to use when creating the VPN. For our example, the default
“Any” is adequate.
11. Specify the Authentication settings. Select Authentication (Phase 1) ->
Proposal 1
.
Figure 4-15.
Soft-PK: Authentication
(Phase 1) -> Proposal 1
fields
a.
In Authentication Method field, specify the method appropriate for
your configuration. (For example, use RSA Signatures if using only
digital certificate authentication, use RSA Signatures: Extended
Authentication if using digital certificate authentication and
extended authentication.)
b. In Encryption and Data Integrity/Algorithms fields:
Encrypt Alg: Select DES or Triple-DES (highest).
Hash Alg: Select MD5 or SHA-1 (highest).
SA Life: Set this to 3500 seconds.The Phase 1 Lifetime on the Soft-
PK should NOT be left as Unspecified. It should be set to some
period of time slightly shorter than is configured on the
Sidewinder SA definition (Advanced tab on the Sidewinder COBRA
GUI).
c. In Key Group field, select at least Group 2. Group 5 (highest).