Virtual Private Networking Using IPSec, PPTP, or L2TP Connections
306
ProSecure Unified Threat Management (UTM) Appliance
Encryption Algorithm From the drop-down list, select one of the following five algorithms to negotiate
the security association (SA):
• DES. Data Encryption Standard (DES).
• 3DES. Triple DES. This is the default algorithm.
• AES-128. Advanced Encryption Standard (AES) with a 128-bit key size.
• AES-192. AES with a 192-bit key size.
• AES-256. AES with a 256-bit key size.
Key-In The encryption key for the inbound policy. The length of the key depends on the
selected encryption algorithm:
• DES. Enter 8 characters.
• 3DES. Enter 24 characters.
• AES-128. Enter 16 characters.
• AES-192. Enter 24 characters.
• AES-256. Enter 32 characters.
Key-Out The encryption key for the outbound policy. The length of the key depends on
the selected encryption algorithm:
• DES. Enter 8 characters.
• 3DES. Enter 24 characters.
• AES-128. Enter 16 characters.
• AES-192. Enter 24 characters.
• AES-256. Enter 32 characters.
SPI-Outgoing The Security Parameters Index (SPI) for the outbound policy. Enter a
hexadecimal value between 3 and 8 characters (for example, 0x1234).
Integrity Algorithm From the drop-down list, select one of the following algorithms to be used in the
VPN header for the authentication process:
• SHA-1. Hash algorithm that produces a 160-bit digest. This is the default
setting.
• MD5. Hash algorithm that produces a 128-bit digest.
• SHA-256. Hash algorithm that produces a 256-bit key size.
• SHA-512. Hash algorithm that produces a 512-bit key size.
Key-In The integrity key for the inbound policy. The length of the key depends on the
selected integrity algorithm:
• MD5. Enter 16 characters.
• SHA-1. Enter 20 characters.
• SHA-256. Enter 32 characters.
• SHA-512. Enter 64 characters.
Key-Out The integrity key for the outbound policy. The length of the key depends on the
selected integrity algorithm:
• MD5. Enter 16 characters.
• SHA-1. Enter 20 characters.
• SHA-256. Enter 32 characters.
•
SHA-512. En
ter 64 characters.
Table 74. Add New VPN Policy screen settings (continued)
Setting Description