Determine IKE Phase 1 Policy

Parameter

Strong

Stronger

Encryption algorithm

DES

3DES or AES

Hash algorithm

MD5

SHA-1

Authentication method

Pre-share

RSA Signature

Key exchange

DH Group 1

DH Group 2 or 5

IKE SA lifetime

86,400 seconds

< 86,400 seconds

© 2005 Cisco Systems, Inc. All rights reserved. SNPA V4.0—11-28

An IKE policy defines a combination of security parameters to be used during the IKE negotiation. A group of policies makes up a protection suite of multiple policies that enable IPSec peers to establish IKE sessions and SAs with a minimum of configuration.

0 0

Post a comment