Phase 1 Settings




Proposal Parameters



Exchange Type


Select the Exchange type to be used during phase 1 negotiations. The default value for this setting is aggressive.


DH Exchange


Select the DH exchange group description to be proposed during phase 1 negotiations. The default value for this setting is group 2.


Cipher Algorithm


Select the cryptographic Cipher Algorithm to be proposed during phase 1 negotiations. The default value for this setting is 3des ( or Triple DES ).


Cipher Key Length


Select the cryptographic Cipher Key Length to be proposed during phase 1 negotiations. Some Cipher Algorithms use a fixed key length. If one of these Ciphers are selected, this option will be grayed out. Other Cipher Algorithms have a variable key length which will need to be defined. The default value for this setting is variable depending on the selected Cipher Algorithm.


Hash Algorithm


Select the Hash Algorithm to be proposed during phase 1 negotiations. The default value for this setting is md5.


Key Life Time Limit


Enter the Key Life Time Limit to be proposed during phase 1 negotiations. This setting will determine the life time of an ISAKMP SA. The default value for this setting is 28800 Seconds.


Key Life Data Limit


Enter the Key Life Data Limit to be proposed during phase 1 negotiations. This setting will determine the number of kilobytes that can be protected by an ISAKMP SA. If a 0 value is specified, no life data limit is negotiated. The default value for this setting is 0.


PLEASE NOTE: This setting is offered for IKE compatibility only. ISAKMP SA data limits are not currently enforced by the Shrew Soft VPN Client.


Copyright 2010, Shrew Soft Inc