Phase 1 Settings

Proposal Parameters

Exchange Type

Select the Exchange type to be used during phase 1 negotiations. The default value for this setting is aggressive.

DH Exchange

Select the DH exchange group description to be proposed during phase 1 negotiations. The default value for this setting is group 2.

Cipher Algorithm

Select the cryptographic Cipher Algorithm to be proposed during phase 1 negotiations. The default value for this setting is 3des ( or Triple DES ).

Cipher Key Length

Select the cryptographic Cipher Key Length to be proposed during phase 1 negotiations. Some Cipher Algorithms use a fixed key length. If one of these Ciphers are selected, this option will be grayed out. Other Cipher Algorithms have a variable key length which will need to be defined. The default value for this setting is variable depending on the selected Cipher Algorithm.

Hash Algorithm

Select the Hash Algorithm to be proposed during phase 1 negotiations. The default value for this setting is md5.

Key Life Time Limit

Enter the Key Life Time Limit to be proposed during phase 1 negotiations. This setting will determine the life time of an ISAKMP SA. The default value for this setting is 28800 Seconds.

Key Life Data Limit

Enter the Key Life Data Limit to be proposed during phase 1 negotiations. This setting will determine the number of kilobytes that can be protected by an ISAKMP SA. If a 0 value is specified, no life data limit is negotiated. The default value for this setting is 0.

PLEASE NOTE: This setting is offered for IKE compatibility only. ISAKMP SA data limits are not currently enforced by the Shrew Soft VPN Client.

Copyright © 2010, Shrew Soft Inc