AutoKey IKE P1 Proposal List

Setting up virtual private network (VPN) tunnel encryption and authentication is a two-phase process:

Viewing the AutoKey IKE P1 Proposal List

You can select how many entries per page you want to view from the List per page drop-down list.

You can jump to another page by selecting it from the Go to Page drop-down list.

The P1 Proposal List table contains the following information about each predefined and configured Phase 1 proposal:

Name: Indicates the name of the proposal.

Method: Indicates the authentication method used. The options are Preshare (for use with a preshared secret) or RSA-Sig or DSA-Sig (for use with a digital certificate from a certificate authority, or CA).

DH Group: Indicates the Diffie-Hellman (DH) group used: Group 1, Group 2, or Group 5.

Encrypt/Auth: Indicates the encryption algorithm used (3DES-CBC, DES-CBC, or AES-CBC) and the hash algorithm used (MD5 or SHA-1).

Life Time: Indicates the life of the key, as determined by the amount of time in Sec (seconds), Min (minutes), Hours, or Days.

Configure: Click Edit to modify an entry, or click Remove any custom P1 Proposals you create.

Note: You cannot edit or remove predefined proposals.

To Create a New Phase 1 Proposal

Although the security device comes with a selection of predefined Phase 1 Proposals, you may create your own. To create a new Phase 1 (P1) Proposal, click New. For more information, see AutoKey IKE P1 Proposal Configuration page.