WS 2000 Wireless Switch System Reference Guide4-18
8. If ESP with Authentication is selected for the ESP type, select the authentication algorithm to be used with ESP from
the ESP Authentication Algorithm menu.
9. Select Ok to return to the VPN screen.
Setting Up Internet Key Exchange (IKE)
1. Select the Auto (IKE) Key Exchange radio button.
2. Click the IKE Settings button to set up the Internet Key Exchange and the following screen appears.
3. Select the Operation Mode for IKE. The Phase I protocols of IKE are based on the ISAKMP identity-protection and
aggressive exchanges. IKE main mode refers to the identity-protection exchange, and IKE aggressive mode refers to the
aggressive exchange.
MD5 Enables the Message Digest 5 algorithm, which requires 128-bit (32-character hexadecimal) authenti-
cation keys.
SHA1 Enables Secure Hash Algorithm 1, which requires 160-bit (40-character hexadecimal) keys.
Main This is the standard IKE mode for communication and key exchange.
Aggressive Aggressive mode is faster and less secure than Main mode. Identities are not encrypted unless
public key encryption is used. The Diffie-Hellman group cannot be negotiated; it is chosen by the
initiator. Also, the authentication method cannot be negotiated if the initiator chooses to use public
key encryption.