Configure IKE Phase 1 Profile
Use the following procedure to create and configure an IKE Phase 1 profile.
Procedure
- In the navigation pane, expand .
- Select IKE.
- Select the Profile tab.
- Select Insert.
- In the Name field, type a profile name.
- Complete the remaining optional configuration to customize the policy.
- Select Insert.
Profile Field Descriptions
Use the data in the following table to use the Profile tab.
Name |
Description |
---|---|
Name |
Specifies the name of the profile. |
HashAlgorithm |
Specifies the hash algorithms that can be used during IKE Phase 1 SA negotiation. The default value is sha256. |
EncryptionAlgorithm |
Specifies the encryption algorithms that can be used during IKE Phase 1 SA negotiation. The default value is aesCbc. |
EncryptKeyLen |
Specifies the key length that should be used during IKE Phase 1 SA negotiation. The default value is 256. |
DHGroup |
Specifies the Diffie-Hellman groups that can be used during IKE Phase 1 SA negotiation. The default value is modp2048. |
ExchangeMode |
Specifies the IKE Phase 1 negotiation mode. The default value is main. |
LifetimeSeconds |
Specifies the amount of time for which an IKE Phase 1 SA can remain valid during IKE Phase 1 negotiation. A value of 0 means no the SA always remains valid. The default value is 86400 seconds. |