Configuring Phase2 Proposal

System > Network > VPN > IPSec VPN

P1 proposal is used in the Phase 1 SA.

In the P2 Proposal section of the IPSec VPN page, you can perform the following actions:

Options in the P2 Proposal Configuration dialog:

Option Description
Protocol Name

Specifies or displays the name of the Phase2 proposal.

Protocol

Specifies the protocol type for Phase2. The options are ESP and AH. The default value is ESP.

Hash

Specifies the first (No.1) authentication algorithm for Phase2. You can define three hash algorithms for Phase2.

  • SHA-1 - Uses SHA-1 as the authentication algorithm. Its hash value is 160-bit. This is the default hash algorithm.
  • MD5 - Uses MD5 as the authentication algorithm. Its hash value is 128-bit.
  • SHA-256 - Uses SHA-256 as the authentication algorithm. Its hash value is 256-bit.
  • SHA-384 - Uses SHA-384 as the authentication algorithm. Its hash value is 384-bit.
  • SHA-512 - Uses SHA-512 as the authentication algorithm. Its hash value is 512-bit.
  • NULL - No authentication.
Encryption

Specifies the first (No.1) encryption algorithm for Phase2. You can define four encryption algorithms for Phase2.

  • 3DES - Uses 3DES as the encryption algorithm. The key length is 192-bit. This is the default encryption algorithm.
  • DES - Uses DES as the encryption algorithm. The key length is 64-bit.
  • AES-128 - Uses AES as the encryption algorithm. The key length is 128-bit.
  • AES-192 - Uses 192-bit AES as the encryption algorithm. The key length is 192-bit.
  • AES-256 - Uses 256-bit AES as the encryption algorithm. The key length is 256-bit.
  • NULL - No encryption.
Compression

Specifies the compression algorithm for Phase2. By default, no compression algorithm is used.

PFS Group

Specifies the PFS (Perfect Forward Secrecy) function for Phase2. PFS is used to protect the DH algorithm.

  • No PFS - Disables PFS. This is the default value.
  • Group1 - Uses Group1 as the DH group. The key length is 768-bit.
  • Group2 - Uses Group2 as the DH group. The key length is 1024-bit.
  • Group5 - Uses Group5 as the DH group. The key length is 1536-bit.
Lifetime

The lifetime can be measured by two standards: the time length and the traffic volume. Type the lifetime of the P2 proposal, in seconds, into the box. The value range is 180 to 86400 seconds. The default value is 28800.

Lifesize

By default, this function is disabled. Select Enable to enable the traffic-based lifetime for the P2 proposal, and then type the traffic volume into the box. The value range is 1800 to 4194303 KB. The default value is 1800.
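
The following check is an added example, not part of the vendor documentation or the device software. It validates a Phase2 proposal against the option lists, ranges and defaults in the table above, and flags choices that RFC 8221 and RFC 8247 discourage. The dict layout, key names and the reading of "three" and "four" as upper limits are assumptions.

```python
# Added example, not vendor code. Dict layout and key names are assumptions;
# option names, ranges and defaults are the ones listed on this page.
HASHES = ("SHA-1", "MD5", "SHA-256", "SHA-384", "SHA-512", "NULL")
CIPHERS = ("3DES", "DES", "AES-128", "AES-192", "AES-256", "NULL")
DEFAULTS = {"protocol": "ESP", "hash": ["SHA-1"], "encryption": ["3DES"],
            "pfs_group": "No PFS", "lifetime": 28800, "lifesize": None}
# Review notes: requirement levels from RFC 8221 (ESP/AH) and RFC 8247 (DH groups).
REVIEW = {
    "MD5": "HMAC-MD5 is MUST NOT in RFC 8221",
    "SHA-1": "HMAC-SHA1 is downgraded (MUST-) in RFC 8221",
    "DES": "DES is MUST NOT in RFC 8221",
    "3DES": "3DES is SHOULD NOT in RFC 8221",
    "Group1": "768-bit MODP is MUST NOT in RFC 8247",
    "Group2": "1024-bit MODP is SHOULD NOT in RFC 8247",
    "Group5": "1536-bit MODP is SHOULD NOT in RFC 8247",
    "No PFS": "no new DH exchange protects Phase2 keys",
}

def check_proposal(proposal):
    """Return (errors, warnings) for one Phase2 proposal dict."""
    p = {**DEFAULTS, **proposal}  # unset options fall back to the page's defaults
    errors, warnings = [], []
    if p["protocol"] not in ("ESP", "AH"):
        errors.append(f"protocol: {p['protocol']!r} is not ESP or AH")
    # Assumption: "three"/"four" algorithms on the page are upper limits.
    for key, allowed, limit, what in (("hash", HASHES, 3, "authentication"),
                                      ("encryption", CIPHERS, 4, "encryption")):
        if not 1 <= len(p[key]) <= limit:
            errors.append(f"{key}: expected 1 to {limit} algorithms")
        for alg in p[key]:
            if alg not in allowed:
                errors.append(f"{key}: unknown algorithm {alg!r}")
            elif alg == "NULL":
                warnings.append(f"{key}: NULL means no {what}")
            elif alg in REVIEW:
                warnings.append(f"{key}: {REVIEW[alg]}")
    if p["pfs_group"] not in ("No PFS", "Group1", "Group2", "Group5"):
        errors.append(f"pfs_group: unknown value {p['pfs_group']!r}")
    else:  # every PFS option listed on the page carries a review note
        warnings.append(f"pfs_group: {REVIEW[p['pfs_group']]}")
    if not 180 <= p["lifetime"] <= 86400:
        errors.append("lifetime: must be 180 to 86400 seconds")
    if p["lifesize"] is not None and not 1800 <= p["lifesize"] <= 4194303:
        errors.append("lifesize: must be 1800 to 4194303 KB")
    return errors, warnings

if __name__ == "__main__":
    # Constructed input: an empty dict, i.e. the page's default proposal.
    print(*check_proposal({}), sep="\n")
```

Run against the defaults, the check reports no range errors but three warnings: SHA-1, 3DES and No PFS.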