Difference between revisions of "VPN Form"

From Tech-Wiki
Jump to: navigation, search
Line 57: Line 57:
 
|-
 
|-
 
|Pre-shared Key exchange
 
|Pre-shared Key exchange
|( ) PGP ( ) Phone call (x) TXT/SMS:___________
+
|( ) PGP ( ) Phone call (x) TXT/SMS ____________
 
|-
 
|-
 
|colspan="2"|'''IPSEC Policy (Phase 2)'''
 
|colspan="2"|'''IPSEC Policy (Phase 2)'''

Revision as of 20:11, 5 June 2018

Back to Firewalls

Use this form to exchange VPN information


VPN Form

Table 1. VPN Form
Parameter Value
Tunnel Termination - Public Internet IP addresses
Internet IP address (peer) at XXX 200.2.2.20
Internal Network 10.1.50.0/24
Internet IP Address (remote peer) at YYY please fill
Partner Internal Network please fill (if your network overlaps the network above, it will clash)
IKE Policy (Phase 1)
IKE Version ( ) IKEv1 (x) IKEv2
IKE Encryption Policy (x) AES 256 ( ) 3DES (156-bit)
IKE Authentication Policy (x) SHA1 ( ) MD5
IKE Lifetime (default 86400s = 1day) 86400 sec
Diffie-Hellman Group ( ) Group 1 (x) Group 2 ( ) Group 5 ( ) Group 14
Identity (IP address or hostname) N/A
Authentication (x) Pre-shared Key ( ) PKI
Mode (Main recommended) (x) Main ( ) Aggressive
Pre-Shared Key Note: do not use unencrypted emamil to exchange pre-shared keys
Pre-shared Key exchange ( ) PGP ( ) Phone call (x) TXT/SMS ____________
IPSEC Policy (Phase 2)
IPSEC Encryption Algorithm ( ) ESP-3DES (x) ESP-AES128 ( ) ESP-AES256
IPSEC Data Integrity (x) SHA ( ) MD5
Perfect Forward Secrecy (PFS) ( ) Off ( ) Group 1 (x) Group 2 ( ) Group 5
IPSEC SA Lifetime - Seconds 3600 seconds
IPSEC SA Lifetime - Kilobytes _____KB (x) Disabled