Difference between revisions of "VPN Form"
From Tech-Wiki
| Line 30: | Line 30: | ||
|- | |- | ||
|IKE Version | |IKE Version | ||
| − | |( ) IKEv1 (x) IKEv2 | + | |( ) IKEv1 (x) IKEv2 |
|- | |- | ||
|IKE Encryption Policy | |IKE Encryption Policy | ||
| − | |(x) AES 256 | + | |(x) AES 256 ( ) 3DES (156-bit) |
| − | + | ||
|- | |- | ||
|IKE Authentication Policy | |IKE Authentication Policy | ||
| − | |(x) SHA1 | + | |(x) SHA1 ( ) MD5 |
|- | |- | ||
|IKE Lifetime (default 86400s = 1day) | |IKE Lifetime (default 86400s = 1day) | ||
| Line 43: | Line 42: | ||
|- | |- | ||
|Diffie-Hellman Group | |Diffie-Hellman Group | ||
| − | |( ) Group 1 (x) Group 2 ( ) Group 5 ( ) Group 14 | + | |( ) Group 1 (x) Group 2 ( ) Group 5 ( ) Group 14 |
|- | |- | ||
|Identity (IP address or hostname) | |Identity (IP address or hostname) | ||
| Line 49: | Line 48: | ||
|- | |- | ||
|Authentication | |Authentication | ||
| − | |(x) Pre-shared Key ( ) PKI | + | |(x) Pre-shared Key ( ) PKI |
|- | |- | ||
|Mode (Main recommended) | |Mode (Main recommended) | ||
| − | |(x) Main ( ) Aggressive | + | |(x) Main ( ) Aggressive |
|- | |- | ||
|Pre-Shared Key | |Pre-Shared Key | ||
| Line 58: | Line 57: | ||
|- | |- | ||
|Pre-shared Key exchange | |Pre-shared Key exchange | ||
| − | |( ) PGP ( ) Phone call (x) TXT/SMS ____________ | + | |( ) PGP ( ) Phone call (x) TXT/SMS ____________ |
|- | |- | ||
|colspan="2" align="center"|'''IPSEC Policy (Phase 2)''' | |colspan="2" align="center"|'''IPSEC Policy (Phase 2)''' | ||
|- | |- | ||
|IPSEC Encryption Algorithm | |IPSEC Encryption Algorithm | ||
| − | |( ) ESP-3DES (x) ESP-AES128 ( ) ESP-AES256 | + | |( ) ESP-3DES (x) ESP-AES128 ( ) ESP-AES256 |
|- | |- | ||
|IPSEC Data Integrity | |IPSEC Data Integrity | ||
| Line 69: | Line 68: | ||
|- | |- | ||
|Perfect Forward Secrecy (PFS) | |Perfect Forward Secrecy (PFS) | ||
| − | |( ) Off ( ) Group 1 (x) Group 2 ( ) Group 5 | + | |( ) Off ( ) Group 1 (x) Group 2 ( ) Group 5 |
|- | |- | ||
|IPSEC SA Lifetime - Seconds | |IPSEC SA Lifetime - Seconds | ||
| Line 75: | Line 74: | ||
|- | |- | ||
|IPSEC SA Lifetime - Kilobytes | |IPSEC SA Lifetime - Kilobytes | ||
| − | |_____KB (x) Disabled | + | |_____KB (x) Disabled |
|} | |} | ||
Revision as of 20:14, 5 June 2018
Use this form to exchange VPN information
VPN Form
| Parameter | Value |
|---|---|
| Tunnel Termination - Public Internet IP addresses | |
| Internet IP address (peer) at XXX | 200.2.2.20 |
| Internal Network | 10.1.50.0/24 |
| Internet IP Address (remote peer) at YYY | please fill |
| Partner Internal Network | please fill (if your network overlaps the network above, it will clash) |
| IKE Policy (Phase 1) | |
| IKE Version | ( ) IKEv1 (x) IKEv2 |
| IKE Encryption Policy | (x) AES 256 ( ) 3DES (156-bit) |
| IKE Authentication Policy | (x) SHA1 ( ) MD5 |
| IKE Lifetime (default 86400s = 1day) | 86400 sec |
| Diffie-Hellman Group | ( ) Group 1 (x) Group 2 ( ) Group 5 ( ) Group 14 |
| Identity (IP address or hostname) | N/A |
| Authentication | (x) Pre-shared Key ( ) PKI |
| Mode (Main recommended) | (x) Main ( ) Aggressive |
| Pre-Shared Key | Note: do not use unencrypted emamil to exchange pre-shared keys |
| Pre-shared Key exchange | ( ) PGP ( ) Phone call (x) TXT/SMS ____________ |
| IPSEC Policy (Phase 2) | |
| IPSEC Encryption Algorithm | ( ) ESP-3DES (x) ESP-AES128 ( ) ESP-AES256 |
| IPSEC Data Integrity | (x) SHA ( ) MD5 |
| Perfect Forward Secrecy (PFS) | ( ) Off ( ) Group 1 (x) Group 2 ( ) Group 5 |
| IPSEC SA Lifetime - Seconds | 3600 seconds |
| IPSEC SA Lifetime - Kilobytes | _____KB (x) Disabled |