The Phase 1 Settings Tab is used to define the configuration parameters
required for the Client to establish an ISAKMP SA with the remote Client
Gateway.
Exchange Type
Select the Exchange type to be used during phase 1 negotiations.
The default
value for this setting is aggressive.
DH Exchange
Select the DH exchange group description to be proposed during phase 1
negotiations. The default value for this setting is group 2.
Cipher Algorithm
Select the cryptographic Cipher Algorithm to be proposed during phase 1
negotiations. The default value for this setting is 3des ( or Triple DES ).
Cipher Key Length
Select the cryptographic Cipher Key Length to be proposed during phase 1
negotiations. Some Cipher Algorithms use a fixed key length. If one of these
Ciphers are selected, this option will be grayed out. Other Cipher Algorithms
have a variable key length which will need to be defined. The default value for
this setting is variable depending on the selected Cipher Algorithm.
Hash Algorithm
Select the Hash Algorithm to be proposed during phase 1 negotiations. The
default value for this setting is md5.
Key Life Time Limit
Enter the Key Life Time Limit to be proposed during phase 1 negotiations. This
setting will determine the life time of an ISAKMP SA. The default value for this
setting is 28800 Seconds.
Key Life Data Limit
PLEASE NOTE: This setting is offered for IKE compatibility only. ISAKMP SA
data limits are not currently enforced by the Shrew Soft VPN Client.
Enter the Key Life Data Limit to be proposed during phase 1 negotiations. This
setting will determine the number of kilobytes that can be protected by an
ISAKMP SA. If a 0 value is specified, no life data limit is negotiated. The default
value for this setting is 0.
