Phase 1 Settings

Previous  Next

---

The Phase 1 Settings Tab is used to define the configuration parameters required for the Client to establish an ISAKMP SA with the remote Client Gateway.

Exchange Type

Select the Exchange type to be used during phase 1 negotiations. The default value for this setting is aggressive.

DH Exchange

Select the DH exchange group description to be proposed during phase 1 negotiations. The default value for this setting is group 2.

Cipher Algorithm

Select the cryptographic Cipher Algorithm to be proposed during phase 1 negotiations. The default value for this setting is 3des ( or Triple DES ).

Cipher Key Length

Select the cryptographic Cipher Key Length to be proposed during phase 1 negotiations. Some Cipher Algorithms use a fixed key length. If one of these Ciphers are selected, this option will be grayed out. Other Cipher Algorithms have a variable key length which will need to be defined. The default value for this setting is variable depending on the selected Cipher Algorithm.

Hash Algorithm

Select the Hash Algorithm to be proposed during phase 1 negotiations. The default value for this setting is md5.

Key Life Time Limit

Enter the Key Life Time Limit to be proposed during phase 1 negotiations. This setting will determine the life time of an ISAKMP SA. The default value for this setting is 28800 Seconds.

Key Life Data Limit

PLEASE NOTE: This setting is offered for IKE compatibility only. ISAKMP SA data limits are not currently enforced by the Shrew Soft VPN Client.

Enter the Key Life Data Limit to be proposed during phase 1 negotiations. This setting will determine the number of kilobytes that can be protected by an ISAKMP SA. If a 0 value is specified, no life data limit is negotiated. The default value for this setting is 0.