Difference between revisions of "VPN Form"

From Tech-Wiki
Jump to: navigation, search
Line 26: Line 26:
 
|Partner Internal Network
 
|Partner Internal Network
 
|''please fill'' (if your network overlaps the network above, it will clash)
 
|''please fill'' (if your network overlaps the network above, it will clash)
 +
|-
 +
|colspan="2"|IKE Policy (Phase 1)
 
|-
 
|-
 
|IKE Version
 
|IKE Version
Line 56: Line 58:
 
|Pre-shared Key exchange
 
|Pre-shared Key exchange
 
|()PGP ()Phone call (x) TXT/SMS:___________
 
|()PGP ()Phone call (x) TXT/SMS:___________
 +
|-
 +
|colspan="2"|IPSEC Policy (Phase 2)
 
|-
 
|-
 
|IPSEC Encryption Algorithm
 
|IPSEC Encryption Algorithm

Revision as of 20:07, 5 June 2018

Back to Firewalls

Use this form to exchange VPN information


VPN Form

Table 1. VPN Form
Parameter Value
Tunnel Termination - Public Internet IP addresses
Internet IP address (peer) at XXX 200.2.2.20
Internal Network 10.1.50.0/24
Internet IP Address (remote peer) at YYY please fill
Partner Internal Network please fill (if your network overlaps the network above, it will clash)
IKE Policy (Phase 1)
IKE Version ()IKEv1 (x)IKEv2
IKE Encryption Policy (x) AES 256 ()3DES (156-bit)
IKE Authentication Policy (x) SHA1 ()MD5
IKE Lifetime (default 86400s = 1day) 86400 sec
Diffie-Hellman Group ()Group 1 (x)Group 2 ()Group 5 ()Group 14
Identity (IP address or hostname) N/A
Authentication (x)Pre-shared Key () PKI
Mode (Main recommended) (x) Main ()Aggressive
Pre-Shared Key Note: do not use unencrypted emamil to exchange pre-shared keys
Pre-shared Key exchange ()PGP ()Phone call (x) TXT/SMS:___________
IPSEC Policy (Phase 2)
IPSEC Encryption Algorithm ()ESP-3DES (x)ESP-AES128 ()ESP-AES256
IPSEC Data Integrity (x)SHA ()MD5
Perfect Forward Secrecy (PFS) ()Off ()Group 1 (x)Group 2 ()Group 5
IPSEC SA Lifetime - Seconds 3600 seconds
IPSEC SA Lifetime - Kilobytes ___KB (x) Disabled