AutoKey IKE P2 Proposal List

Setting up VPN tunnel encryption and authentication is a two-phase process.

Viewing the AutoKey IKE P2 Proposal List

You can select how many entries per page you want to view from the List per page drop-down list.

You can jump to another page by selecting it from the Go to Page drop-down list.

The P2 Proposal List table contains the following information about each predefined and configured Phase 2 proposals:

Name: Indicates the name of the proposal.

PFS: Indicates whether the proposal is using Perfect Forward Secrecy (PFS) or not (No PFS), or Diffie-Hellman (DH) Group 1, Group 2, or Group 5.

Encap: Indicates the type of encapsulation: Encryption (ESP) or Authentication Only (AH).

Encrypt/Auth: Indicates the encryption algorithm (3DES-CBC, DES-CBC, or AES-CBC) and the hash algorithm (MD5 or SHA-1) used.

Life Time: Indicates the life of the key, as determined by the amount of time in Sec (seconds), Min (minutes), Hours, or Days.

Life Size: Indicates the lifetime of the key by the number of kilobytes of VPN traffic.

Configure: Click Edit to modify an entry, or click Remove to delete any custom Phase 2 proposals you create.

Note: You cannot edit or remove predefined proposals.

To Create a New Phase 2 Proposal

Although the security device comes with a selection of predefined Phase 2 Proposals, you may create your own. To create a new Phase 2 Proposal Configuration, click New. For more information, see AutoKey IKE P2 Proposal Configuration.